urlscan.io logo urlscan.io
SecurityTrails logo

www.daradaily.com Open in urlscan Pro
111.223.32.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://daradaily.com/news/121632/read
Effective URL: https://www.daradaily.com/news/121632/read
Submission: On December 13 via api from BG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 12 countries across 79 domains to perform 337 HTTP transactions. The main IP is 111.223.32.15, located in Thailand and belongs to PROENNET-AS Proen Corp Public Company Limited., TH. The main domain is www.daradaily.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on April 12th 2022. Valid for: a year.
This is the only time www.daradaily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 111.223.32.15 23884 (PROENNET-...)
3 151.101.65.55 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
3 10 2a00:1450:400... 15169 (GOOGLE)
4 172.241.51.68 7979 (SERVERS-COM)
2 146.75.116.157 54113 (FASTLY)
1 184.30.25.99 16625 (AKAMAI-AS)
11 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2 142.250.185.230 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 151.101.65.44 54113 (FASTLY)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.156.76.170 16509 (AMAZON-02)
9 185.86.138.121 201081 (SMARTADSE...)
1 4 37.252.171.22 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638::24 44788 (ASN-CRITE...)
1 4 172.64.154.237 13335 (CLOUDFLAR...)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
14 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.120 16276 (OVH)
1 162.19.138.116 16276 (OVH)
30 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2a02:2638::3 44788 (ASN-CRITE...)
1 18.66.97.9 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
4 13.32.99.100 16509 (AMAZON-02)
6 13.248.245.213 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
2 141.95.98.65 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
3 52.19.187.82 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 13 142.250.185.98 15169 (GOOGLE)
1 1 91.210.226.72 48314 (IP-PROJECTS)
1 1 139.162.159.252 63949 (LINODE-AP...)
5 52.223.40.198 16509 (AMAZON-02)
3 6 2a02:2638:1::13 44788 (ASN-CRITE...)
1 104.244.42.8 13414 (TWITTER)
3 2.18.234.190 16625 (AKAMAI-AS)
1 2 2620:116:800d... 16509 (AMAZON-02)
3 3 185.29.134.248 30419 (MEDIAMATH...)
3 3 213.155.156.181 1299 (TWELVE99 ...)
3 3 37.157.6.233 198622 (ADFORM)
4 4 213.19.147.44 26120 (RHYTHMONE)
4 4 37.252.171.149 29990 (ASN-APPNEX)
1 209.58.178.190 59253 (LEASEWEB-...)
4 178.250.0.157 44788 (ASN-CRITE...)
2 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 2.18.233.180 16625 (AKAMAI-AS)
1 185.64.190.89 62713 (AS-PUBMATIC)
1 213.227.153.221 60781 (LEASEWEB-...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 93.186.225.194 47541 (VKONTAKTE...)
1 217.20.155.208 47764 (VK-AS)
1 146.75.122.132 54113 (FASTLY)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
1 52.222.236.18 16509 (AMAZON-02)
11 185.64.190.80 62713 (AS-PUBMATIC)
4 185.64.189.110 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 2 67.220.228.200 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 34.91.62.186 396982 (GOOGLE-CL...)
3 3 3.122.66.11 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2a05:d018:d29... 16509 (AMAZON-02)
3 3 3.126.56.137 16509 (AMAZON-02)
2 198.47.127.20 3257 (GTT-BACKB...)
1 23.106.249.95 59253 (LEASEWEB-...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
1 143.204.89.70 16509 (AMAZON-02)
1 108.138.7.53 16509 (AMAZON-02)
1 13.32.99.86 16509 (AMAZON-02)
1 130.211.115.4 396982 (GOOGLE-CL...)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 88.221.168.189 16625 (AKAMAI-AS)
1 184.30.20.22 16625 (AKAMAI-AS)
1 1 54.237.254.37 ()
1 2 151.101.2.49 ()
1 1 35.214.223.115 ()
1 2 2606:4700::68... ()
1 173.231.181.122 ()
1 195.5.165.20 ()
1 5.161.54.172 ()
1 1 141.95.171.142 ()
1 1 141.94.171.216 ()
1 2606:4700:10:... ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 2a02:fa8:8806... ()
1 98.98.134.241 ()
1 1 2001:678:cb4:... ()
1 1 159.65.194.197 ()
1 1 34.102.253.54 ()
1 5 185.80.39.216 ()
1 209.54.182.161 ()
2 2 35.157.98.214 ()
337 92
39    111.223.32.15 (Thailand)

ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH)
PTR: ppp-111.223.32.15.revip.proen.co.th
daradaily.com
www.daradaily.com
3    151.101.65.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    172.241.51.68 (Netherlands)

ASN7979 (SERVERS-COM, US)
code.th.giraff.io
code.yengo.com
2    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
1    184.30.25.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-99.deploy.static.akamaitechnologies.com
scdn.line-apps.com
11    2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)
tag.adbro.me
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
4    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    35.156.76.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-76-170.eu-central-1.compute.amazonaws.com
tlx.3lift.com
9    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
4    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adasia-d.openx.net
google-bidout-d.openx.net
u.openx.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
14    2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2606:4700:4400::ac40:9040 (United States)

ASN13335 (CLOUDFLARENET, US)
cl.imghosts.com
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
30    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:7400:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
4    13.32.99.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-100.fra60.r.cloudfront.net
ib.3lift.com
6    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
20    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    52.19.187.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
3    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    91.210.226.72 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    139.162.159.252 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1426-252.members.linode.com
cm.adsafety.net
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
3    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    209.58.178.190 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
data.th.giraff.io
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    93.186.225.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
vk.com
1    217.20.155.208 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip208.155.odnoklassniki.ru
connect.ok.ru
1    146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.222.236.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-18.fra56.r.cloudfront.net
cnt.trvdp.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    3.122.66.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-11.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
1    23.106.249.95 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
a.th.giraff.io
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    143.204.89.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-70.fra50.r.cloudfront.net
go.trvdp.com
1    108.138.7.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-53.fra56.r.cloudfront.net
stg.truvidplayer.com
1    13.32.99.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-86.fra60.r.cloudfront.net
s.trvdp.com
1    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    54.237.254.37 (None, )

ASN- ()
sync.srv.stackadapt.com
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    35.214.223.115 (None, )

ASN- ()
csync.loopme.me
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    173.231.181.122 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    5.161.54.172 (None, )

ASN- ()
matching.truffle.bid
1    141.95.171.142 (None, )

ASN- ()
green.erne.co
1    141.94.171.216 (None, )

ASN- ()
pixel-eu.onaudience.com
1    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    2a02:fa8:8806:20::2010 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    159.65.194.197 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
5    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
1    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
2    35.157.98.214 (None, )

ASN- ()
pm.w55c.net
Apex Domain
Subdomains		 Transfer
54 googlesyndication.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
446 KB
39 daradaily.com
daradaily.com — Cisco Umbrella Rank: 727048
www.daradaily.com
1 MB
38 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
295 KB
25 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
ads.pubmatic.com — Cisco Umbrella Rank: 470
st.pubmatic.com — Cisco Umbrella Rank: 942
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage2.pubmatic.com — Cisco Umbrella Rank: 657
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 805
simage4.pubmatic.com — Cisco Umbrella Rank: 1198
51 KB
25 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8031
c.mgid.com — Cisco Umbrella Rank: 5994
cdn.mgid.com — Cisco Umbrella Rank: 11106
servicer.mgid.com — Cisco Umbrella Rank: 8198
s-img.mgid.com — Cisco Umbrella Rank: 5213
cm.mgid.com — Cisco Umbrella Rank: 1296
396 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
514 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
mug.criteo.com — Cisco Umbrella Rank: 3032
dis.criteo.com — Cisco Umbrella Rank: 700
16 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 501
ib.3lift.com — Cisco Umbrella Rank: 1216
eb2.3lift.com — Cisco Umbrella Rank: 350
68 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
25 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
secure.adnxs.com — Cisco Umbrella Rank: 430
acdn.adnxs.com — Cisco Umbrella Rank: 579
24 KB
9 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 12987
3 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
307 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
1 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
graph.facebook.com — Cisco Umbrella Rank: 141
869 B
5 openx.net
adasia-d.openx.net — Cisco Umbrella Rank: 37504
oajs.openx.net — Cisco Umbrella Rank: 2673
google-bidout-d.openx.net — Cisco Umbrella Rank: 2620
u.openx.net — Cisco Umbrella Rank: 667
966 B
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1211
bcp.crwdcntrl.net — Cisco Umbrella Rank: 880
sync.crwdcntrl.net — Cisco Umbrella Rank: 752
11 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 941
id5-sync.com — Cisco Umbrella Rank: 448
35 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
199 KB
4 giraff.io
code.th.giraff.io — Cisco Umbrella Rank: 142735
data.th.giraff.io — Cisco Umbrella Rank: 129266
a.th.giraff.io — Cisco Umbrella Rank: 144517
29 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
738 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
1 KB
3 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
s.amazon-adsystem.com
2 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 43797
go.trvdp.com — Cisco Umbrella Rank: 36688
s.trvdp.com — Cisco Umbrella Rank: 36565
136 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 639
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5026
865 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
2 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1381
13 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
71 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 758
syndication.twitter.com — Cisco Umbrella Rank: 1118
133 KB
3 anymind360.com
anymind360.com — Cisco Umbrella Rank: 23096
155 KB
2 w55c.net
pm.w55c.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
699 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
953 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
689 B
2 google.de
www.google.de — Cisco Umbrella Rank: 7952
adservice.google.de — Cisco Umbrella Rank: 11832
1 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1130
contextual.media.net — Cisco Umbrella Rank: 553
9 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
3 KB
2 yengo.com
code.yengo.com — Cisco Umbrella Rank: 5004
245 B
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 281
17 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
169 KB
2 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 24786
32 KB
1 playground.xyz
ads.playground.xyz
467 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 turn.com
ad.turn.com
518 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 zeotap.com
mwzeom.zeotap.com
382 B
1 onaudience.com
pixel-eu.onaudience.com
734 B
1 erne.co
green.erne.co
367 B
1 truffle.bid
matching.truffle.bid
1 iprom.net
core.iprom.net
277 B
1 adgrx.com
cm.adgrx.com
283 B
1 loopme.me
csync.loopme.me
225 B
1 stackadapt.com
sync.srv.stackadapt.com
617 B
1 ad-score.com
data.ad-score.com — Cisco Umbrella Rank: 4943
726 B
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 32367
2 KB
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 12019
208 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
759 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
612 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494
524 B
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2632
14 KB
1 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 39267
2 KB
1 vk.com
vk.com — Cisco Umbrella Rank: 7048
567 B
1 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 24045
151 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
15 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 936
576 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 29657
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 47403
823 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2380
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2810
8 KB
1 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 13230
600 KB
1 line-apps.com
scdn.line-apps.com — Cisco Umbrella Rank: 72547
2 KB
0 contextweb.com Failed
bh.contextweb.com Failed
337 79
Domain Requested by
38 www.daradaily.com www.daradaily.com
30 tpc.googlesyndication.com f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
20 pagead2.googlesyndication.com anymind360.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.daradaily.com
securepubads.g.doubleclick.net
www.googletagservices.com
14 s-img.mgid.com www.daradaily.com
14 securepubads.g.doubleclick.net anymind360.com
www.googletagservices.com
securepubads.g.doubleclick.net
www.daradaily.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
13 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
11 simage2.pubmatic.com ads.pubmatic.com
10 www.google.com 3 redirects www.daradaily.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
9 fonts.gstatic.com www.google.com
fonts.googleapis.com
9 prg-apac.smartadserver.com anymind360.com
7 www.googletagservices.com www.daradaily.com
securepubads.g.doubleclick.net
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
6 gum.criteo.com 3 redirects static.criteo.net
6 googleads.g.doubleclick.net anymind360.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 eb2.3lift.com f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
ib.3lift.com
anymind360.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 match.adsrvr.org googleads.g.doubleclick.net
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
4 image2.pubmatic.com ads.pubmatic.com
4 mug.criteo.com www.daradaily.com
4 secure.adnxs.com 4 redirects
4 ib.3lift.com f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
ib.3lift.com
4 www.facebook.com www.daradaily.com
connect.facebook.net
4 f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ib.adnxs.com 1 redirects anymind360.com
acdn.adnxs.com
4 connect.facebook.net www.daradaily.com
connect.facebook.net
4 www.gstatic.com www.google.com
www.gstatic.com
4 jsc.mgid.com www.daradaily.com
jsc.mgid.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 ups.analytics.yahoo.com 3 redirects
3 x.bidswitch.net 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ads.pubmatic.com www.daradaily.com
anymind360.com
ads.pubmatic.com
3 sync.1rx.io 3 redirects
3 c1.adform.net 3 redirects
3 d5p.de17a.com 3 redirects
3 sync.mathtag.com 3 redirects
3 widgets.outbrain.com ib.3lift.com
widgets.outbrain.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
3 fonts.googleapis.com www.daradaily.com
tpc.googlesyndication.com
3 static.criteo.net securepubads.g.doubleclick.net
anymind360.com
static.criteo.net
3 cdn.mgid.com www.daradaily.com
3 anymind360.com www.daradaily.com
anymind360.com
securepubads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects www.daradaily.com
2 id5-sync.com cdn.id5-sync.com
2 cdn.id5-sync.com jsc.mgid.com
securepubads.g.doubleclick.net
2 cm.mgid.com jsc.mgid.com
2 tlx.3lift.com anymind360.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
2 cdn.jsdelivr.net anymind360.com
securepubads.g.doubleclick.net
2 code.yengo.com www.daradaily.com
2 ssl.google-analytics.com 1 redirects www.daradaily.com
2 cdn.taboola.com www.daradaily.com
cdn.taboola.com
2 tag.adbro.me www.daradaily.com
2 ad.doubleclick.net 1 redirects www.daradaily.com
2 platform.twitter.com www.daradaily.com
platform.twitter.com
2 code.th.giraff.io www.daradaily.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 contextual.media.net anymind360.com
1 acdn.adnxs.com anymind360.com
1 u.openx.net anymind360.com
1 js-sec.indexww.com anymind360.com
1 simage4.pubmatic.com ads.pubmatic.com
1 data.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 stg.truvidplayer.com go.trvdp.com
1 go.trvdp.com cnt.trvdp.com
1 s.uuidksinc.net 1 redirects
1 a.th.giraff.io code.th.giraff.io
1 image4.pubmatic.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 zem.outbrainimg.com f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
1 connect.ok.ru code.th.giraff.io
1 vk.com code.th.giraff.io
1 graph.facebook.com code.th.giraff.io
1 b1t-eudc1.zemanta.com f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
1 st.pubmatic.com www.daradaily.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 s0.2mdn.net www.daradaily.com
1 data.th.giraff.io code.th.giraff.io
1 sync.targeting.unrulymedia.com 1 redirects
1 syndication.twitter.com platform.twitter.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cl.imghosts.com www.daradaily.com
1 servicer.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.google.de www.daradaily.com
1 stats.g.doubleclick.net 1 redirects
1 prebid.media.net anymind360.com
1 adasia-d.openx.net anymind360.com
1 htlb.casalemedia.com anymind360.com
1 bidder.criteo.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 scdn.line-apps.com www.daradaily.com
1 daradaily.com 1 redirects
0 bh.contextweb.com Failed ads.pubmatic.com
337 130

This site contains links to these domains. Also see Links.

Domain
www.daradaily-vote.com
www.facebook.com
instagram.com
twitter.com
www.youtube.com
nav.cx
line.me
Subject Issuer Validity Valid
*.daradaily.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-12 -
2023-04-30		 a year crt.sh
anymind360.com
R3		 2022-10-30 -
2023-01-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
code.yengo.com
R3		 2022-12-02 -
2023-03-02		 3 months crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-08-21		 a year crt.sh
line-apps.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-10 -
2023-03-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-22 -
2022-12-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
cdn.prod.uidapi.com
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
data.th.giraff.io
R3		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-03-18 -
2023-04-03		 a year crt.sh
*.ok.ru
GlobalSign RSA OV SSL CA 2018		 2022-10-11 -
2023-11-12		 a year crt.sh
*.outbrainimg.com
R3		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.trvdp.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
a.th.giraff.io
R3		 2022-10-20 -
2023-01-18		 3 months crt.sh
*.truvidplayer.com
Amazon		 2022-02-07 -
2023-03-07		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2022-09-02 -
2023-10-04		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh

This page contains 53 frames:

Primary Page: https://www.daradaily.com/news/121632/read
Frame ID: 178F21E7528BA29DE86CA6099380A761
Requests: 149 HTTP requests in this frame

Frame: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B86565372BA49469F07C3675BAA940CB
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=167097222104230545288
Frame ID: 92D98E45F51DAD11BE7767943A86EDA8
Requests: 1 HTTP requests in this frame

Frame: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F87198B659A2986D4918298C73CE28C0
Requests: 10 HTTP requests in this frame

Frame: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47F9DCF7AD72942383D9EED600966131
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A864543246DBC0BF419C7E19D4F2EA26
Requests: 1 HTTP requests in this frame

Frame: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B020372274F390B742A7BABD9CFC35FC
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLfjoBNKMRrllXJtF3l2mNUDcsncY3-QNMh5AYzIFLexTBe_ZYQKnAsloZg0Hhi7VrB0akovQjt3kuAxeXshogRpO0e1yZLbzWPi0uNc0lBg-l_K1QTGqfDJJmJ9-ZIoOA5FrSwB83E9BsezimF6-Sgd_MlN8Bkew7Vk4vTfnt-UNifOWtOOahZ54a_Tz2CTI-YImDjriCJ-LojULwP5tMR65oeOSo1TB23_SArWV5F9hNRQPpMTQ8W9_YcFl01U7MHUe5OAf16zWyZJt0OBu0MADdfQY58jRtJpZ0s6x_nQRT5x5tmCgOvLkSxxeUqFBxk7xZBhkgQv5Px_CT3Rh-7ksIjg2dNGBaR703K8AvlKWJN_3ITpfyNXHP-g&sai=AMfl-YSaM_SRrd8NoYKsHJ71qAxhasTnkf9Ln8FUYZ8pdfG3P9FX65hpJ1-KMJ1-uGHcsK5bCW2mG0dk80FYW_0qekFDpHpKFj7XV79Cu9clJMgS99_KafsahJS2rW_nyaDelw&sig=Cg0ArKJSzLBkkCGgGCROEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1A88E8787D39DAD2BB7FB9185F58C3D1
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Frame ID: A74DFC13E45695BE0240ACCFD0C24D46
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Frame ID: BA42BC910DC69E6A00A10BF2A203E724
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO0soIEEMvVoocEGOnr19sBMAE&v=APEucNWYf6D5lF6tHuJTRVI_qUOSWwgGauTTcEI9q0a66SOXjad3qzv9a25b-hZsf8Yw-cLJu948gfTnj2auMu1J4mOeoBuFV6OzKn4retgnrKWPfGbS7bk
Frame ID: B47E29BB7B045D5E5D893592832BEE87
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E3551C5E29990F396B4359789EC4C5E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F1659EDC23E1E78AE8D92070F43F699C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42FF2EADCAD65718E7D7C72286D893C7
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.daradaily.com
Frame ID: 471AA9970963F85EA7F8E250B69B2E02
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/comments.php?app_id=1751494371841879&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18bda30802d3e8%26domain%3Dwww.daradaily.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.daradaily.com%252Ffe172720888b44%26relation%3Dparent.parent&container_width=770&height=100&href=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&locale=en_US&numposts=10&sdk=joey&version=v2.8&width=
Frame ID: E008026D85413979836AB1976E2D3E44
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Frame ID: 56B2410B4B3E2F79992823A7D07ADF0C
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.daradaily.com
Frame ID: C036A4EAC9E694C34B1C81661A296123
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: B1F82727F23B87584AF41A3AA258558E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: 5888092FFDE49E5CA14125DAA35B939A
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D438F466AAC0AFE91D657047E6FAC02A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3169A68FB037DA3E828C6A464C54E06B
Requests: 11 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158497&siteId=855896&adId=3963556&imprId=8A738999-68B9-4E1C-BB64-DECAD6BE00F8&cksum=9BB3E805AB083753&adType=10&adServerId=243&kefact=0.010000&kaxefact=0.010000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1670972220&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.013035&dcId=3&tldId=0&passback=0&svr=BID22632U&adsver=_2691429213&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=PAOZY25cCgBEj5-rTiTrwtZ3FW__B50ZPv5jeG6vmmJDmv4f&ekaxefact=PAOZY3lcCgB5oFG3wIuWZ5ppiRqDZ0i2Ey_4sVyqBngdm4j_&ekpbmtpfact=PAOZY4FcCgDYk0ox1ZlOq0v176cJXsJ7G5Oz4hZVaAOMwxHK&enpp=PAOZY4lcCgASqiLVjV3tmFiYvR-CrgFsMR8_DP38vjOMmkhJ&pfi=1&domId=9538169445541843615&dc=AMS&crID=460715497&lpu=granulate.io&ucrid=10800298332008911417&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1078762067&wDspId=80&wbId=0&wrId=0&wAdvID=1262337&wDspCampId=18708902368&isRTB=1&rtbId=A7297EFB-A6AB-45A1-AAAB-AC76028A2664&ver=1&dateHr=2022121322&oid=8A738999-68B9-4E1C-BB64-DECAD6BE00F8&cntryId=58&domain=daradaily.com&sec=1&pAuSt=2&wops=0&sURL=daradaily.com&BrID=5
Frame ID: 292BD54C561E89A85AF8BED6EA78D60E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 20B4772A815A3FEBCC5F97598D12E034
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBYxGYJoK78wmGzrFslntyfEn0fCmTvTyi3NaifEOSkWG2mgMHDo8WYDHeGv800mLgK0SQu4yFSuQFhLokeqf6VkolgLqMQUla7TlLKjHWBNcrdSqjGotrufMOx6LgZgaOrPKk-Serz_oI3cO7yj5q81H244b3MdjZZfck7fvsFp7ymShCrLwjcc2CwwSrINbS_fZKBgfYR7hWwcZMBqCFJ43B_4NXZNSQGodDTy7WbvSuGsMLyZshy7RwSpuVp3DvsCkaVHuhP7FDcAeK1uQiZ7ZeQxjDbUuwKbzya1elir99MFkgpj3NC7oOAN-FOeLSl_R9BQ-thIkWp50cdKu9PUir4i6rmIKFnvA&sai=AMfl-YT6jcc8crNJaCLqGs4cp_EqJyoIAQG1Us9Yv0h6nYNB46uArI_tzMJL74NWT2rzQbOMN_dATtJVUBWMrYqjIdywbt7V8hcuPGUfCbC9fbn29lhrHJx4Vo_RZ7X-zRSi_Q&sig=Cg0ArKJSzNRFGYj5ZA5PEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EFA3D2C7D8FE864974CEA5E390A72D6E
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=93013
Frame ID: FCD0870226AFFEBFF7A8B824763B5469
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47ed6399-033e-4100-81e9-615d042fc665&gdpr=0&gdpr_consent=
Frame ID: 7D1FACEC64FAFF6DB6D1CA53ED9CFFC8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5453900713068109195
Frame ID: 8D46FAE070EAF4940ABD3C4B143C9D1F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 92690AE7EA37B2650C5B36DE84EAE5AB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 087A401ACF158FEAA63B7ADDC07DC547
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7468395904123610787&gdpr=0&gdpr_consent=
Frame ID: 169B9F4FAE7088BA24784380CC75F901
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs
Frame ID: 68268E7FADE40BAF08A6ADD9227E19AA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176771046033193114&gdpr=0&gdpr_consent=
Frame ID: 45346EA346AEA21BF6F3F26C9AA8E922
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.daradaily.com
Frame ID: D448FE1D353C737313D0CE5FF540173B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 302C3D6CA967E53A9A52405A7CEC5C9F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1629DB0941F311F23E601E1609AE1A2F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 69296AD46DE80FB965F43B54DE1D5FC1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 3BEFAE2678E65C9FF4B6B9A5EEEA0555
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 164394A0EBCE382D2BE72B82289D236F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0BCCDB1AA3F53E3F98B6399F44262C7C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 188057184269ACBD9F1E66624721B036
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C182%2C141%2C222%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 24E744342AB9D5D7BEA95FD9DFDF3E91
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYc07HMgcAACBfVnbUhw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5514918693440553219%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Frame ID: EB7E8C83CE5B7E17386DBDBAAE523002
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3kB7cwppSEdUjrvN3uHsT9ly2hQ
Frame ID: 831A7C45DEA726F6AC3EB518425C2E5D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5kDQgAAAQXWkwAF
Frame ID: 8687F72159D3B42CC690F9D3BCAD9D2E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 109B0A6A76428622D616B7D77C4A42EA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B5FDC932133CD8D1A9F9008C53FAC203
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F2BA3A03DB960A11B9188E17505853E5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3183513182
Frame ID: 5C7A8FC8EAC125FF39633AFCEDE8C3E0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4DB60C99B160B8B8C5173C664BAFC02B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 2AD75D3BC864A7B5AC01AF37F56EB58D
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QnUjSjjVTngVjRRS
Frame ID: C653A3A41666E25C8722A49E44620751
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 8B7CE43C09079EB93D3500A33476F163
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

สิ้นสุดการรอคอย! เผยแล้วซีรีส์เรื่องใหม่ “ซี-นุนิว” ทุ่มงบ 30 ล้านแค่ชื่อก็รู้ว่าฟิน | daradaily

Page URL History Show full URLs

  1. http://daradaily.com/news/121632/read HTTP 301
    https://www.daradaily.com/news/121632/read Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

337
Requests

89 %
HTTPS

30 %
IPv6

79
Domains

130
Subdomains

92
IPs

12
Countries

4944 kB
Transfer

11269 kB
Size

78
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://daradaily.com/news/121632/read HTTP 301
    https://www.daradaily.com/news/121632/read Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/B21544803.226830759;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/B21544803.226830759;dc_pre=CMOEgs3Y9_sCFcDiuwgdtC8J2A;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 73
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=176770141&utmhn=www.daradaily.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E0%B8%AA%E0%B8%B4%E0%B9%89%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%A3%E0%B8%AD%E0%B8%84%E0%B8%AD%E0%B8%A2!%20%E0%B9%80%E0%B8%9C%E0%B8%A2%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%8B%E0%B8%B5%E0%B8%A3%E0%B8%B5%E0%B8%AA%E0%B9%8C%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E2%80%9C%E0%B8%8B%E0%B8%B5-%E0%B8%99%E0%B8%B8%E0%B8%99%E0%B8%B4%E0%B8%A7%E2%80%9D%20%E0%B8%97%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B8%87%E0%B8%9A%2030%20%E0%B8%A5%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B9%81%E0%B8%84%E0%B9%88%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%81%E0%B9%87%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%9F%E0%B8%B4%E0%B8%99%20%7C%20daradaily&utmhid=928258813&utmr=-&utmp=%2Fnews%2F121632%2Fread&utmht=1670972220563&utmac=UA-39560487-1&utmcc=__utma%3D36404021.346850570.1670972221.1670972221.1670972221.1%3B%2B__utmz%3D36404021.1670972221.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=323528568&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141&slf_rd=1&random=493215146
Request Chain 149
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rid=esp&cc=1
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEADxSU40oRkTjoVgNymEZ2o&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEADxSU40oRkTjoVgNymEZ2o&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=0eedbda833cf380435682f1dc9e0afed&uid=0eedbda833cf380435682f1dc9e0afed&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 198
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL4QLB6qxvely8x2AGJMNyM&google_cver=1&google_push=ASkJ3FYd-BH4q0h9ze50e68QSJM5SHQ9V9ezrsbjUxhSmAKtSYinZON7IUWpIBvrRAP3kUlmCNAMXyG12vHe1HdDbG6E7D_1F83pmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYd-BH4q0h9ze50e68QSJM5SHQ9V9ezrsbjUxhSmAKtSYinZON7IUWpIBvrRAP3kUlmCNAMXyG12vHe1HdDbG6E7D_1F83pmQ
Request Chain 200
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFBB55Qm-flbBHmbL3RtGBw&google_cver=1&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Ivm4o0 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFBB55Qm-flbBHmbL3RtGBw&google_cver=1&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Ivm4o0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Ivm4o0
Request Chain 201
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBmIO3Temmvz9z3XizWdn-I&google_cver=1&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ftWqb5dibyhbxis4cTibKR-oNA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBmIO3Temmvz9z3XizWdn-I&google_cver=1&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ftWqb5dibyhbxis4cTibKR-oNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1Njk0OTQxNTE1OTM4NzgzNg&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ftWqb5dibyhbxis4cTibKR-oNA
Request Chain 202
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGQ5EARyRVpVi5CRRmD4rSo&google_cver=1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1670972222010 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a43846d4-5c8e-4828-992a-8831793a4603-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug%26google_hm%3DA6Q4RtRcjkgomSqIMXk6RgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug&google_hm=A6Q4RtRcjkgomSqIMXk6RgM
Request Chain 203
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEE4SMRhCf2eMuZr8TGpH3Y8&google_cver=1&google_push=ASkJ3FaAMtB4kgrKNyF9iQBZwmIeJPWnRVPAfafzF1wlu_ArY--WybJ7L7zqO1XG10-QADEcH3DCOB0R8crD5FbZIKfayL3Fj_I_b8I HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEE4SMRhCf2eMuZr8TGpH3Y8%26google_cver%3D1%26google_push%3DASkJ3FaAMtB4kgrKNyF9iQBZwmIeJPWnRVPAfafzF1wlu_ArY--WybJ7L7zqO1XG10-QADEcH3DCOB0R8crD5FbZIKfayL3Fj_I_b8I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ2ODM5NTkwNDEyMzYxMDc4Nw%3D%3D&google_gid=CAESEE4SMRhCf2eMuZr8TGpH3Y8&google_cver=1&google_push=ASkJ3FaAMtB4kgrKNyF9iQBZwmIeJPWnRVPAfafzF1wlu_ArY--WybJ7L7zqO1XG10-QADEcH3DCOB0R8crD5FbZIKfayL3Fj_I_b8I
Request Chain 210
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 211
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 218
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=daradaily.com&sn=ChromeSyncframe&so=0&topUrl=www.daradaily.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=D3cBp3x2M1FxaXNUNHppTHI4STJla0NlVWd4SUJxclJZaWNuSjVmczV5dDliVWViK3pMUG1pTlAzekY2dUkveFBNaE91RjdrMkp5MEpKbUMwenVjSzhFalVFN3QzMHk5WUlZNnVoRlBtRzhhZGt6KzVTR2hDNTRkSmVTM0FtQlI3Q0s2eitJeER3dXZ0V3BMdlpSYXE0N3Y4SWM4OWtJemhPRVBLNEhZeEtFWU1nL3p1c05DT3pBOVNsRFVvWmNkRGN5d1UzOEIvWjFIV0dUbC9RNW13cVpYK2JiQnNTWE1BOG9rakJ0S1RmcXhBK3BlbUdWQWIraDdHQ1E0NHh5SDcxRkdXQkk2eTRvZ2gwWWFUMzAweG85Rk5Odz09fA&cppv=2
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47ed6399-033e-4100-81e9-615d042fc665&gdpr=0&gdpr_consent=
Request Chain 264
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5453900713068109195
Request Chain 265
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 266
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 267
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7468395904123610787&gdpr=0&gdpr_consent=
Request Chain 268
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs
Request Chain 269
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176771046033193114&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVEQ0VFRUQtN0ZDMy00Nzc3LThDQkUtMjRDREJEMTg2QTJB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPiN2Y2RHoZjLOYA2hW_Yk&google_cver=1
Request Chain 273
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7456949415159387836
Request Chain 275
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322324173939541&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=241d8454-e18e-4c48-a96d-4c6c9e6e7f2f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 277
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D4keAB5E2uU6MjEC4CZM3d5hDpKz6k8-~A&gdpr=0&gdpr_consent=
Request Chain 284
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=daradaily.com&sn=ChromeSyncframe&so=3&topUrl=www.daradaily.com&bundle=YvbCFV9lQnNuRm5aelI4ZWdxQldVcEVkeWtjTUZVVlhjZzJtNnQ5a3FSNXdKY2h1ZDlRNW9BR21yUzU0ZktSaW4xcjdsSGZoWSUyQlZ3OFQ2MFlkYjlKVndaank4aVMxbzVPVWI3a0pmTWZiUUV5SUY2QyUyQmV0byUyQjQydkxPUkU3ZVpXVzNaSyUyQiUyRlpFWmM1JTJCekhMMDkySGJVUjc2NGclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=p6gexnxmck5iSUVWaGFZVnNULzh0QjdSZ2h1anh4OHA3ZFJZNVhsQmw0cTdtekZoZEpJSzRrNlF1dHpHdEdDMHVuNDJuRXRJZ0NYRmYyL3h3OXphdFNsNkt0VWpveUFHNlVUR3RUOENnODNacStnNlM3aktOeVZybDVMOXViWWFMYWVaTVRZN0hRM0kzWlUwdjAvYnkvUktKbGNwU2JPQXN1OTNuTVdMbGdMVzdsOXJ1UjNhMXdQa04yZjRrSStyTUJWNDJVa25tbkNTWnkvREhHcGU2MXFrc2lGc1ZlczN2NWRPZGo2L0RKR2tHZzRQVHJVWTYxUVYwSlB2VmRpcmdXOVFNU2hwa0NhTTNsZVM1MEJJYUxXb3hrQkNNUnArQ3VBMnc3a0xEeTNSak9aYz18&cppv=2
Request Chain 286
  • https://s.uuidksinc.net/match/480/?remote_uid=1260432387 HTTP 302
  • https://code.yengo.com/sync?dsp=kadam&id=1UbopSiEImO6PUMb75fX
Request Chain 302
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.daradaily.com%2F&domain=www.daradaily.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=zBLjT3xkb2VEczJGMTlZS1BsUzV0b3BnV1cwQzgxbWE1d2JhQlNocUdPKy9uOVpWNU84cjFvNlZhSEREajZoVnJRaWpKbldRR0daMUFTVVZmVGRJajhZTmE0dlFsQ3RtVGJEREY2MUc3OU15TjRxQmVNV2pDVi9VUFVJRGs5Mm95clJ3eWtSRkRaRy9HMlZtSnRaWDJ2S3JrR212TU9QaU5wYXgrN2dPMGNCcFVPOFcwMDhITjd0OXFqOEFFN1BSd0VCR1hWaFpod0N6bFpOT3piOEtyNTVuVndPZDdIUnhPc1RaTG83ZzFnOFhFSE1QUDN6U29EYmlQWlA3T1FKOVliS25wUGVYNGROeUNGQ2NaYXZIY21rbFQ0M0Jya0VHTDE5Wkdubjdmc0U0T3Rtdz18&cppv=2
Request Chain 311
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWWMwN0hNZ2NBQUNCZlZuYlVodw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYc07HMgcAACBfVnbUhw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5514918693440553219&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYc07HMgcAACBfVnbUhw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5514918693440553219%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Request Chain 312
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3kB7cwppSEdUjrvN3uHsT9ly2hQ
Request Chain 313
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5kDQgAAAQXWkwAF
Request Chain 314
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 315
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 317
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3183513182
Request Chain 320
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QnUjSjjVTngVjRRS
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_tzu7X_DR3eMviTNvRhqKg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 324
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4036108025 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
Request Chain 327
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3297976066382400534&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 328
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d11f4fba-a635-4513-849b-c8e8537b2c5a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 329
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7468395904123610787
Request Chain 330
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 334
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5kDQgPJ.Yj.1g1pxAQUnAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKCqZV-gbzXs1W0idtmFWNM&google_cver=1&google_hm=2
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENInu2kYWyLq6F55QOOQ-lw&google_cver=1
Request Chain 337
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7468395904123610787
Request Chain 338
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB
Request Chain 339
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b1C1GJul1P5ecX5
Request Chain 340
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=47ed6399-033e-4100-81e9-615d042fc665

337 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request read
www.daradaily.com/news/121632/
Redirect Chain
  • http://daradaily.com/news/121632/read
  • https://www.daradaily.com/news/121632/read
76 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx / PHP/7.3.4
Resource Hash
38d6cec38e62c3b96f4ca485f42f89361887cb6ff3a2ef339486b5c140cda587

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 22:56:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.4

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Tue, 13 Dec 2022 22:56:18 GMT
Location
https://www.daradaily.com/news/121632/read
Server
nginx
css.min.css
www.daradaily.com/css/ 		253 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/css/css.min.css
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
21db36ca4c4cccb8381f90a62543e8ebd42f0f4dca5a4e800beb509b23f620ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
content-encoding
gzip
last-modified
Sun, 25 Nov 2018 10:00:28 GMT
server
nginx
etag
W/"5bfa72bc-3f52b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Wed, 13 Dec 2023 22:56:21 GMT
raw-custom-style.css
www.daradaily.com/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/css/raw-custom-style.css?v=20200404
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
ddf3142ebbd79795c87decfbb716bc8ec235b5a20496638f2cf6d88725e7f9d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Sun, 19 Apr 2020 03:09:12 GMT
server
nginx
etag
"5e9bc0d8-1710"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5904
expires
Wed, 13 Dec 2023 22:56:21 GMT
jquery-2.1.4.js
www.daradaily.com/module/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/module/js/jquery-2.1.4.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2016 16:31:18 GMT
server
nginx
etag
W/"583dad56-1497d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 13 Dec 2023 22:56:21 GMT
ats.js
anymind360.com/js/4906/ 		148 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/4906/ats.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40fe805736e0cc3d503da3e1d82bb13ea387179b3dc4f36a538aa5dc5d1d795e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Mon, 12 Dec 2022 04:01:41 GMT
date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
66878
x-guploader-uploadid
ADPycdvOoEhlxFBfrH15Kz2dIjen027gfiUEZrK7sLw1_IHpPiWG5EPN30oerknJo5mMLbXcAsPGM-0VsEuTxwLtrlVquw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
32973
x-served-by
cache-tyo11968-TYO, cache-hhn-etou8220041-HHN
last-modified
Thu, 01 Dec 2022 02:51:55 GMT
server
UploadServer
x-timer
S1670972220.996838,VS0,VE249
etag
"9733642dfb6d96af9f151d2234d05f90"
vary
Accept-Encoding
x-goog-generation
1669863115401889
x-goog-hash
crc32c=sgVpaA==, md5=lzNkLfttlq+fFR0iNNBfkA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
32973
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
55, 1
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1421 / 221 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 22:57:00 GMT
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23b60e2e69b7d13081bd7df73521767bea41670852fffdaf5903324c5ccfbfcb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Tue, 13 Dec 2022 22:56:59 GMT
widget-daradailycom.js
code.th.giraff.io/data/ 		134 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-daradailycom.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.241.51.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ecbe98cd0fc74bad30a9f0e201e5a1475d0d31e69416fa3b0b773bbb461f0790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 18:50:13 GMT
server
nginx
x-mg-request-uuid
8db352eb-5ad6-41b1-bce6-ccbbfda5c241
etag
W/"63470c65-21745"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
expires
Tue, 13 Dec 2022 22:58:01 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 19:43:37 GMT
etag
"6633f9603c759c40d9b200995454f17c+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
content-length
29221
x-served-by
cache-iad-kcgs7200045-IAD, cache-fra-eddf8230068-FRA
loader.min.js
scdn.line-apps.com/n/line_it/thirdparty/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.line-apps.com/n/line_it/thirdparty/loader.min.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-99.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
47b217c17ead1192b2aafbb7a590104db295551024cbc39e3ad289af864dcd55
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
-mN21oly0BwNRdsccXhZ91Kiu8HsIfL
strict-transport-security
max-age=15768000
content-encoding
gzip
date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-request-id
tx0000000000000c668b500-0063355c53-f4bc265-jp2
x-amz-storage-class
STANDARD
content-length
1527
last-modified
Thu, 29 Sep 2022 08:46:50 GMT
server
VOS
etag
"9d78399dbb6959f4a8193a3f764de94d"
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=25005126
accept-ranges
bytes
expires
Fri, 29 Sep 2023 08:49:06 GMT
dara-D-logo.png
www.daradaily.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/dara-D-logo.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
b3f3255ec7f8bd281d4b0ac833c542a9f8d147b3e2d3b9e7184a662427b96779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Mon, 04 Nov 2019 08:40:26 GMT
server
nginx
etag
"5dbfe3fa-5afc"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23292
expires
Wed, 13 Dec 2023 22:56:21 GMT
dd-cl-logo.png
www.daradaily.com/images/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/dd-cl-logo.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
4b9b378be6087d18983ea344c7ef21d5f042d85c4608ad20e12d7082b5c972a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Mon, 04 Nov 2019 08:41:18 GMT
server
nginx
etag
"5dbfe42e-e33e"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
58174
expires
Wed, 13 Dec 2023 22:56:21 GMT
app_icon_48x48_v2.png
www.daradaily.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/app_icon_48x48_v2.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
22d52a08cc12031b899519a9e5ae12f4d86d61f74508e61d5920f9a7c1305d25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Tue, 26 Nov 2019 16:29:33 GMT
server
nginx
etag
"5ddd52ed-1cca"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7370
expires
Wed, 13 Dec 2023 22:56:21 GMT
dd-cl-logo-no-fm.png
www.daradaily.com/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/dd-cl-logo-no-fm.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
f7c9e642a6aaf8a36da43c08103f58a97ac2d50e3dd27b9f162a84ca719d2e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Mon, 04 Nov 2019 16:08:11 GMT
server
nginx
etag
"5dc04ceb-4173"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16755
expires
Wed, 13 Dec 2023 22:56:21 GMT
color-bar-b.png
www.daradaily.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/color-bar-b.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
d52296c0f70b0ebc639f0762e22ff111cab61dc55e46b2768144d1f7b103eabc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Mon, 04 Nov 2019 08:42:11 GMT
server
nginx
etag
"5dbfe463-348e"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13454
expires
Wed, 13 Dec 2023 22:56:21 GMT
photo-121632.jpg
www.daradaily.com/content/news/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/content/news/photo-121632.jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
38a056b77b3686a232ae6116d90d7619f9f13575a2ab8826a3a4dbddfb4bc21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Tue, 13 Dec 2022 14:46:42 GMT
server
nginx
etag
"63989052-2112a"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
135466
expires
Wed, 13 Dec 2023 22:56:21 GMT
Facebook-icons.png
www.daradaily.com/images/ 		457 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/Facebook-icons.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
66c1c2f79ade3a1bb1b609c504553f26039c80d5197946a97779f5d05ba2ed6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Wed, 30 Aug 2017 05:02:20 GMT
server
nginx
etag
"59a646dc-1c9"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
457
expires
Wed, 13 Dec 2023 22:56:21 GMT
Twitter-icons.png
www.daradaily.com/images/ 		543 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/Twitter-icons.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
08b2b7884438b4be51b41a98986869f7c08f3b1ee158f691a579de5c8f297e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Wed, 30 Aug 2017 05:02:20 GMT
server
nginx
etag
"59a646dc-21f"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
543
expires
Wed, 13 Dec 2023 22:56:22 GMT
line-icons.png
www.daradaily.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/line-icons.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
e782e02cd7711965eca5e020f7e6bfe480824f4185be426e2279887333ab81d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 29 Nov 2016 16:39:52 GMT
server
nginx
etag
"583daf58-4f5"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1269
expires
Wed, 13 Dec 2023 22:56:22 GMT
oiuuyy(2).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/oiuuyy(2).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
17b92120afa5c1d4a3dc02c8b017330c783c91fb0bf484fdc825fe8a160ce441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 09:39:27 GMT
server
nginx
etag
"6398484f-ea59"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
59993
expires
Wed, 13 Dec 2023 22:56:22 GMT
hggf(5).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/hggf(5).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
341ac762fb9773e44ac488ed250112cd5ec617d536d97e1eb9556817aeb9fcaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 09:39:59 GMT
server
nginx
etag
"6398486f-e092"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
57490
expires
Wed, 13 Dec 2023 22:56:22 GMT
581841(1).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/581841(1).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
97c33ce35686e79c75e8533488f9e1280add14c1666efc68276e52ac1aca7317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 14:44:02 GMT
server
nginx
etag
"63988fb2-b591"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
46481
expires
Wed, 13 Dec 2023 22:56:22 GMT
ssdr.jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/ssdr.jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
e2d61990291ba961f3d42876cfbb8ff6a13715764bbf2dfb3bd2e8f6db4393bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 13:56:00 GMT
server
nginx
etag
"63988470-9a21"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39457
expires
Wed, 13 Dec 2023 22:56:22 GMT
eewwww(4).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/eewwww(4).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
0f163971e3779e19fa8456768b77173c7dd846cb152d723eeb14e59c5afa1455

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 13:56:13 GMT
server
nginx
etag
"6398847d-99e2"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39394
expires
Wed, 13 Dec 2023 22:56:22 GMT
nunew3(1).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/nunew3(1).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
919e215d2d171febc2a4e4961a9f7a310ba3b2eb53d714d64f4dc52efe56b74d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 14:43:41 GMT
server
nginx
etag
"63988f9d-5684"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
22148
expires
Wed, 13 Dec 2023 22:56:22 GMT
nunew%20(2)(2).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/nunew%20(2)(2).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
1252087651702218dbe92c23cb3fd2e441aa5717a46fa2e2a822b1f35913cffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 14:43:16 GMT
server
nginx
etag
"63988f84-9243"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
37443
expires
Wed, 13 Dec 2023 22:56:22 GMT
nunew1(1).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/nunew1(1).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
79700986b8b002873b6b6c313cf99c6753af54a294de74b8095fce8a459ad8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 14:43:28 GMT
server
nginx
etag
"63988f90-6ba2"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27554
expires
Wed, 13 Dec 2023 22:56:22 GMT
zee%20(2)(3).jpg
www.daradaily.com/module/ckfinder/userfiles/images/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/ckfinder/userfiles/images/zee%20(2)(3).jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
7a11319ef62c67863d8359b282d7d134f2cd192f7e69670e45f8533687c18ecd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 13 Dec 2022 14:43:01 GMT
server
nginx
etag
"63988f75-db0c"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
56076
expires
Wed, 13 Dec 2023 22:56:22 GMT
color-bar-s.jpg
www.daradaily.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/color-bar-s.jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
a674c789b9c3e389eb396f3aad3607bce6bdd1bb8ec4e620dcc421d51a763421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Mon, 04 Nov 2019 08:42:11 GMT
server
nginx
etag
"5dbfe463-4c6"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1222
expires
Wed, 13 Dec 2023 22:56:22 GMT
daradaily.com.1380045.js
jsc.mgid.com/d/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/a/daradaily.com.1380045.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d9450b6e4c73cbfaa497e1885e5771205b9b1f191d3a5adc719f3ee17f34d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-version-id
reOX4XJUs5MywYe_uDa8erRAWY5goyWv
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
WM85ZX7Y8HFJ29PV
age
2233
cf-polished
origSize=2344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3AnuU7yw1UIVg4w+F4QOJxim+XWwAGkl0S8+G3yRjFcm0V3bwVqKMS4c7uM9dkeD/ahrKzxjxxo=
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 12:05:19 GMT
server
cloudflare
etag
W/"266b197490b821dfae60734c2221df67"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
77924bd9af6b694f-FRA
expires
Wed, 14 Dec 2022 01:57:00 GMT
dd-vote-x.jpg
www.daradaily.com/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/dd-vote-x.jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
ed69d663a6e20e5abfa6bd7069c327282e59fac53458bf0d1429da738948ba4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Sun, 09 Oct 2022 08:26:48 GMT
server
nginx
etag
"634285c8-bc1a"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48154
expires
Wed, 13 Dec 2023 22:56:22 GMT
LINE_SOCIAL_Square_s.png
www.daradaily.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/LINE_SOCIAL_Square_s.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
2daac6b1cce300ca3c5b7abd97709c8d1ad14dc9d8a4cc5b154f3df891da9bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Thu, 28 Nov 2019 09:15:04 GMT
server
nginx
etag
"5ddf9018-b00"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2816
expires
Wed, 13 Dec 2023 22:56:22 GMT
logo-background-Footer-Mobile_v2.jpg
www.daradaily.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/logo-background-Footer-Mobile_v2.jpg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
3b2ddc56326e2a561d931065ec791018c67e37013b90603c220718b8695a2f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Tue, 26 Nov 2019 16:29:33 GMT
server
nginx
etag
"5ddd52ed-1d0b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7435
expires
Wed, 13 Dec 2023 22:56:22 GMT
son_p_only.png
www.daradaily.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/son_p_only.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
6f21cdd6f46dcb76413b86df6742f48a9050aba6df2d0689d832c1f93301c3c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
last-modified
Fri, 04 Sep 2020 08:30:55 GMT
server
nginx
etag
"5f51fb3f-6ea"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1770
expires
Wed, 13 Dec 2023 22:56:22 GMT
js-min.js
www.daradaily.com/module/js/ 		310 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/module/js/js-min.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
03102a9f5780910b929003ca8ba0c4f8a250761d99eb9e0ec72064baded71e69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
content-encoding
gzip
last-modified
Sun, 25 Nov 2018 06:14:52 GMT
server
nginx
etag
W/"5bfa3ddc-4d8c9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 13 Dec 2023 22:56:22 GMT
daradaily.com.1396708.js
jsc.mgid.com/d/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/a/daradaily.com.1396708.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079dbd1ba4823d12eb26d5506888ac6007392d48591cd87dc23666cf8e3a47f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-version-id
4Ivk3ZCo_xkzBOl2YYrXRdxz8nytE0Zp
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
P6X14F45SS80JBHD
age
6802
cf-polished
origSize=2344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wv8l7CbCOdzM9XWXhWY8gZTiaeA5lk+BH2z0DgQx7zgrGz7WY8CsZf9WIbaq6Wf5Si4l0qk0Fqw=
cf-bgj
minify
last-modified
Sun, 11 Dec 2022 08:33:43 GMT
server
cloudflare
etag
W/"faf288e9065606f0687de324b9fdc7e3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
77924bd9af6d694f-FRA
expires
Wed, 14 Dec 2022 01:57:00 GMT
B21544803.226830759;dc_pre=CMOEgs3Y9_sCFcDiuwgdtC8J2A;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/B21544803.226830759;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/B21544803.226830759;dc_pre=CMOEgs3Y9_sCFcDiuwgdtC8J2A;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid...
11 B
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/B21544803.226830759;dc_pre=CMOEgs3Y9_sCFcDiuwgdtC8J2A;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpj/N311807.1457601DARADAILY.COM/B21544803.226830759;dc_pre=CMOEgs3Y9_sCFcDiuwgdtC8J2A;dc_trk_aid=424716498;dc_trk_cid=104647787;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1421 / 993 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 22:57:00 GMT
prebid_2022_12_1_2_51_33.js
anymind360.com/js/4906/ 		358 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
aa0dc5f1610361ec8461f5e6f72202896c51519b4329c4b036d8793bdcdd13fe
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 07 Dec 2022 11:36:08 GMT
date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
380663
x-guploader-uploadid
ADPycdsl7kB1mw1bFlWEbYJEU0nYzw_9rm8VEE5bNgdZ81Z_-pR1srHO0iBIZ42XS44ca8YoC-DPEmCZ4bZkTZchwPBs0sFFQHFN
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
115579
x-served-by
cache-tyo11971-TYO, cache-hhn-etou8220041-HHN
last-modified
Thu, 01 Dec 2022 02:51:55 GMT
server
UploadServer
x-timer
S1670972220.372968,VS0,VE1
etag
"dde59c2c37f7260f54e871ee0fb7fd85"
vary
Accept-Encoding
x-goog-generation
1669863115542756
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=0MWtbQ==, md5=3eWcLDf3Jg9U6HHuD7f9hQ==
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
115579
accept-ranges
bytes
x-cache-hits
33, 1
ptag.js
tag.adbro.me/tags/ 		105 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b406de65c0f1611fa161cef881f3a247b1c59ad7ccecc7fe0335ab39497335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 03 Dec 2022 14:53:50 GMT
content-md5
GI2gScI4jjEiDtBwn+je0Q==
age
2496
server
cloudflare
cf-polished
origSize=137598
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77924bd9af859186-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1qeyffsm.js
tag.adbro.me/configs/ 		1 KB
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/1qeyffsm.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78823d278070981bd8a4314564f586cae365352263454ac22d28d5cb0469b92b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Wed, 02 Nov 2022 05:51:55 GMT
server
cloudflare
cf-polished
origSize=1857
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
77924bd9af889186-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ 		403 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 22:56:49 GMT
loader.js
cdn.taboola.com/libtrc/daradaily/ 		160 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/daradaily/loader.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4265b28fc74d10c10a6668da646d5a4d5083c708f0d28c73bb33544ad07b5ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
uS12uYvbL9iv0_u6OTK76xGq7PcrNql1
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-request-id
FZ22QGGGBDB3B533
age
21654
x-cache
HIT
content-length
24630
x-amz-id-2
bbYtXher7pA1Rf8qWOvi++hZeE91YmuqfLxqscawiH+sPxDMzVZvPe82Itva8xblPuFwQYgO5w8=
x-served-by
cache-hhn-etou8220060-HHN
last-modified
Tue, 13 Dec 2022 15:55:32 GMT
server
AmazonS3
x-timer
S1670972220.495498,VS0,VE1
etag
"7c5d475b31f76c5c7081e38c3b71c684"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f7d6f75f3c75a7049b187ae155d0cbf20939c1472015ce346e90fca51a56eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 22:57:00 GMT
content-md5
BPZifZ2zr3a1GZ2hmsAi1Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
rjqVNG09G+dt6AD5NnGuuy2hcPWn5Hwd+U5qCg4sRY6MIjFf0ilAZJwuC5cqnujBnAf7KTH43qSGntgcDw1W7A==
x-fb-trip-id
1679558926
x-fb-content-md5
0a28eac062674f85af9ebc0f8e3f40cc
cross-origin-opener-policy
same-origin-allow-popups
etag
"5d87842518e3abcb2ec6a0d968e53dcb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 13 Dec 2022 23:08:47 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 21:51:02 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3958
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 13 Dec 2022 23:51:02 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Dec 2022 22:57:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27320
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UYDoTk4LuBHUiO/5ouna5bf6991Br94Jnzz0jKcoi5C6N9kx2Wt441jGH5wJ9ELI/gMADm2Igs0RrUX6Rk/7uQ==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
fontawesome-webfont.woff2
www.daradaily.com/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/css/css.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1

Request headers

Referer
https://www.daradaily.com/css/css.min.css
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2016 16:47:35 GMT
server
nginx
etag
W/"260646-118d8-542735866d047"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 13 Dec 2022 22:56:22 GMT
db_heavent_bd_v3.2.1-webfont.woff2
www.daradaily.com/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/fonts/db_heavent_bd_v3.2.1-webfont.woff2
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/css/raw-custom-style.css?v=20200404
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
cf060fee643fa26d66c57ddf6f4e9610cb88bb884461711fb3a607ef80ad2e85

Request headers

Referer
https://www.daradaily.com/css/raw-custom-style.css?v=20200404
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
last-modified
Mon, 04 Nov 2019 08:20:49 GMT
server
nginx
etag
"27e814-735c-59680fe4bdb08"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/x-troff-man
access-control-allow-origin
*
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
29532
expires
Tue, 13 Dec 2022 22:56:22 GMT
tf_chiangsaen_bol-webfont.woff2
www.daradaily.com/fonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/fonts/tf_chiangsaen_bol-webfont.woff2
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/css/css.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
4e85e5c1de544f4eb690ae22b57576664b3b30624f4dc3dcbc3635c0f6b6c4b4

Request headers

Referer
https://www.daradaily.com/css/css.min.css
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:21 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2017 17:10:54 GMT
server
nginx
etag
W/"272e23-13520-557e77e803e19"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 13 Dec 2022 22:56:22 GMT
js-raw.js
www.daradaily.com/module/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/module/js/js-raw.js?v=20210514
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
fe9b9a8ea70497a663f1964f8b7e853457b503eca7b604ce58398009793c87eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:22:08 GMT
server
nginx
etag
W/"60c79e50-33f4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 13 Dec 2023 22:56:22 GMT
395062.js
code.yengo.com/data/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.yengo.com/data/395062.js?async=1&div=34566317395062&t=0.5093597749926027
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.241.51.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
x-mg-request-uuid
df3f8b02-97e5-422b-8120-6d0696b7eff3
server
nginx
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
tf_chiangsaen-webfont.woff2
www.daradaily.com/fonts/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/fonts/tf_chiangsaen-webfont.woff2
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/css/css.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
ca8c31d7628637d369d264d51254f28ae86a682d3373c4def24358cb4b8fab2f

Request headers

Referer
https://www.daradaily.com/css/css.min.css
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:22 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2017 16:58:48 GMT
server
nginx
etag
W/"272e1e-11c40-557e7532bf2ec"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 13 Dec 2022 22:56:23 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45447af3a3d15af287b0d9947462be3791908b3cf7004370ab6f36e15529b239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24967
x-jsd-version
1.0.1555
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"668-FHJt9QGkqB5ui1KzXm+49E7ca9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79x3nfoPtEKB6%2FUX%2FrjpCigJjtRztxHJ6BHfw8IExCYvW0oEO%2BxEKPjgoTME2vcYTENIsh89Yol21LTWNI4Kag3rJ%2Fu1oMOVRyDKxZj4ucYfXdrMMbRA0Cb1Cc%2FSJkcY%2BjP8xM60JUoSpzpQkXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77924bda2f97bb43-FRA
auction
tlx.3lift.com/header/ 		19 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&tmax=2000
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.76.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-76-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:56:59 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:56:59 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:56:59 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		53 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:00 GMT
AN-X-Request-Uuid
254661c1-39ab-4e84-904a-1bc6dee08848
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.daradaily.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4b3958fc55391e6052cd95d6bfae59c13233deabd723aaed2b84e15eb25d142a

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.daradaily.com
date
Tue, 13 Dec 2022 22:57:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
cdb
bidder.criteo.com/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.26.0&cb=72877469393&lsavail=0
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.daradaily.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=609853
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a675f90653c51699487add7e121937714560ea612b6ec5df0c9c61bb9705e4a

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c%2BOPctUnODJMDXwj%2BNDvSU2pYy5R2gxSHaXX2IZqnoHnkP5QGDAcOvfoycYmzneU4o5qa4bEU4JQjFmAMafbkriLEHofcb6hSTRe5dNPPijFU0pMnNo%2BqkM6mOfEMPwjPjFQHy9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77924bda6ecc9201-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
adasia-d.openx.net/w/1.0/ 		73 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adasia-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3be16274-cf84-46d4-aa43-edb71064db99%2Cf7c8b28b-f59e-4a34-81e3-3ac4bcf8c665%2C9cbd5dc4-8123-41d5-86af-6cc7242f0485&nocache=1670972220476&schain=1.0%2C1!anymanager.io%2C4906%2C1%2C%2C%2C&aus=728x90%2C970x90%7C300x250%2C336x280%2C728x90%2C640x360%7C336x280%2C300x250&divids=ats-overlay_bottom-2%2Cats-insert_ads-9%2Cats-insert_ads-10&aucs=ats-overlay_bottom-2%2Cats-insert_ads-9%2Cats-insert_ads-10&auid=545646940%2C545646950%2C545646951
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3f20db2f9bfb26c3075f57928569656beba273cd682eb5a160d30a763e4b305e

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.daradaily.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
09b82e051568820409dab2a9343b70c37c9c5aa19afa08460ac9d6ca6be06941

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 13 Dec 2022 22:57:00 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 21:10:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		197 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.daradaily.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8a35f46da7921c5172266705fefe371e2ff590e37bfece9a8d1866d5b98f9a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:00 GMT
daradaily.com.1380045.es6.js
jsc.mgid.com/d/a/ 		273 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/a/daradaily.com.1380045.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1380045.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c518487dfeb57fd530f7c13967f68767e3d3c9e6df1cff195a8d80d6fc0e387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-version-id
GFz831slo9fJJnA4j7.bbqHpK2ZWrWzp
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
KQ38EJY6H3JS0GTK
cf-polished
origSize=280040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GvVO/VMFXeEZvHOgb+6elU6UrgTd2lavR9UcMrMX+bXOXIFaAkyETdnRNqzbPgpVNFOVQkEM1HU=
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 12:05:18 GMT
server
cloudflare
etag
W/"37c7eec4caaf71e23783262c5c08246c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
77924bda6fb4bb35-FRA
expires
Wed, 14 Dec 2022 01:57:00 GMT
impl.20221213-28-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/daradaily/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Lrl1e2Aw8HzCg9OgpbTX6ln5I5_T3ZPx
content-encoding
br
via
1.1 varnish
date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-request-id
KVJN73AKCDP1590T
age
26495
x-cache
HIT
content-length
147906
x-amz-id-2
il2fn2xAjbbgcxwwDSvYEZDLB7FPnaacErobol09BwmCWl1ywsN8l8CETmbcF2Q5aseD2ifknHI=
x-served-by
cache-hhn-etou8220060-HHN
last-modified
Tue, 13 Dec 2022 15:34:28 GMT
server
AmazonS3-br
x-timer
S1670972221.531499,VS0,VE0
etag
"a4495474400267464c5d5703cfb4ef74"
vary
Accept-Encoding
content-type
application/javascript
abp
5
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
50696
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a40318ea7aeb27c2eb713209791687d4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad24788a667e2bc9c62cfac121db1ac21939dab1273373019ac6f1c07af4348e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 22:57:00 GMT
content-md5
1EH+0R+ekYf0aANfPaa9nA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86983
x-fb-rlafr
0
x-fb-debug
IFRwciNA9WIdZd/pXdACRDUkxO5A6wsv0ToQF70Kf3D1De1XVphEAYkOP27uUdTlGFwKiqUuNO+YU3I8lzSFKA==
x-fb-content-md5
d8ac5e6d5475b0526e88d13a57ea263f
cross-origin-opener-policy
same-origin-allow-popups
etag
"185e548eee1298ec90c960b91d465d5b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Dec 2023 22:35:38 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=176770141&utmhn=www.daradaily.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141&slf_rd=1&random=493215146
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141&slf_rd=1&random=493215146
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39560487-1&cid=346850570.1670972221&jid=323528568&_v=5.7.2&z=176770141&slf_rd=1&random=493215146
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
587661651583893
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/587661651583893?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b76b04c016278cae5faa3148631023dc86dfbccbc10c81226f57a20c98e01cb5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Dec 2022 22:57:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
cxa9/IU9EzwAFWZFIyOj3Lgob/agWHAAoLiX0dZsJbgKUWPIcm7o8mz4MCcC3MTfsAxSVt8LmebI1g4piMHOdg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.daradaily.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.daradaily.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		75 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3286347942355567&correlator=2834252417887590&eid=31070873&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21622890900%3A118556157%2CTH_daradaily.com_pc_allsite_anchor_728x90%2C970x90%2CTH_daradaily.com_pc_article_mid1_300x250%2C336x280%2CTH_daradaily.com_pc_article_mid2_300x250%2CTH_daradaily.com_pc_allsite_1x1%2CTH_daradaily.com_pc_allsite_interstitial&enc_prev_ius=%2F0%2F1%2F%2F2%2C%2F0%2F3%2F%2F4%2C%2F0%2F5%2F%2F4%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%2C300x250%7C336x280%7C728x90%7C640x360%2C300x250%7C336x280%7C728x90%2C300x250%7C336x280%7C1x1%2C1x1&ifi=1&adks=406592973%2C2852122213%2C1193225124%2C920851890%2C1945445318&didk=590274411~2825456948~1599268311~1599268305~4048917120&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C8&prev_scp=%7C%7Cats_hb_bid%3Dtrue%26ats_hb_pb%3D0.01%26hb_format%3Dbanner%26hb_adid%3D4564999ed923e32%26hb_size%3D300x250%26ats_hb_bidder%3Dpubmatic%7C%7C&eri=1&cust_params=url%3D%252Fnews%252F121632%252Fread%26ref%3Dnull%26page_type%3Dcontent%26Content%3D%25E0%25B8%258B%25E0%25B8%25B5%2520%25E0%25B8%259E%25E0%25B8%25A4%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B9%258C%252C%25E0%25B8%2599%25E0%25B8%25B8%25E0%25B8%2599%25E0%25B8%25B4%25E0%25B8%25A7%2520%25E0%25B8%258A%25E0%25B8%25A7%25E0%25B8%25A3%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B8%2597%25E0%25B8%25A3%25E0%25B9%258C&sc=1&cookie_enabled=1&abxe=1&dt=1670972220767&lmt=1670972220&dlt=1670972219736&idt=951&adxs=-9%2C450%2C450%2C-9%2C-9&adys=-9%2C871%2C3530%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&frm=20&vis=1&psz=0x-1%7C770x0%7C770x0%7C0x-1%7C0x-1&msz=0x-1%7C300x0%7C300x0%7C0x-1%7C0x-1&fws=2%2C132%2C132%2C2%2C2&ohw=0%2C1600%2C1600%2C0%2C0&ga_vid=346850570.1670972221&ga_sid=1670972221&ga_hid=928258813&ga_fc=true&cbidsp=CtQBCAESEAoKdHJpcGxlbGlmdBBVIAISFAoNc21hcnRhZHNlcnZlchDcASACEhQKDXNtYXJ0YWRzZXJ2ZXIQ3AEgAhIOCghhcHBuZXh1cxBUIAISDwoIcHVibWF0aWMQ9AEgAhIMCgZjcml0ZW8QbiACEggKAml4EHYgAhIICgJpeBB2IAISCwoFb3BlbngQZSACEg8KCG1lZGlhbmV0EIwCIAIYAiIkM2JlMTYyNzQtY2Y4NC00NmQ0LWFhNDMtZWRiNzEwNjRkYjk5KgQIAyAASgBA0A8.~CpQCCAESEAoKdHJpcGxlbGlmdBBVIAISFAoNc21hcnRhZHNlcnZlchDcASACEhQKDXNtYXJ0YWRzZXJ2ZXIQ3AEgAhIUCg1zbWFydGFkc2VydmVyENwBIAISFAoNc21hcnRhZHNlcnZlchDcASACEg4KCGFwcG5leHVzEFQgAhIPCghwdWJtYXRpYxD0ASACEgwKBmNyaXRlbxBuIAISCAoCaXgQdiACEggKAml4EHYgAhIICgJpeBB2IAISCAoCaXgQdiACEgsKBW9wZW54EGUgAhIPCghtZWRpYW5ldBCMAiACGAIiJGY3YzhiMjhiLWY1OWUtNGEzNC04MWUzLTNhYzRiY2Y4YzY2NSoECAMgAEoAQNAP~CtwCCAESEAoKdHJpcGxlbGlmdBBVIAISFAoNc21hcnRhZHNlcnZlchDcASACEhQKDXNtYXJ0YWRzZXJ2ZXIQ3AEgAhIUCg1zbWFydGFkc2VydmVyENwBIAISDgoIYXBwbmV4dXMQVCACEncKCHB1Ym1hdGljEPIBGmYKDzQ1NjQ5OTllZDkyM2UzMhCQThoDVVNEIg1hdHNfaGJfYmlkZGVyIgdoYl9zaXplIgdoYl9hZGlkIgloYl9mb3JtYXQiCWF0c19oYl9wYiIKYXRzX2hiX2JpZCgBOgYIrAIQ-gEgARIMCgZjcml0ZW8QbiACEggKAml4EHYgAhIICgJpeBB2IAISCAoCaXgQdiACEgsKBW9wZW54EGUgAhIPCghtZWRpYW5ldBCMAiACGAIiJDljYmQ1ZGM0LTgxMjMtNDFkNS04NmFmLTZjYzcyNDJmMDQ4NSoECAMgAEoAQNAP~~
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf652745d533b930e874ec62e473dcb2951030ac3ac057fc2e5ee7bec1100979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,211995,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18132
x-xss-protection
0
google-lineitem-id
-2,-1,5854012962,5997070308,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,138375144553,138389695418,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		553 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3286347942355567&correlator=2834252417887590&eid=31070873&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=231599934%2Cdaradaily%2Ccontent%2CBelow_Thumbnail&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100&ifi=6&adks=1431503457&didk=2124535376&sfv=1-0-40&eri=1&cust_params=url%3D%252Fnews%252F121632%252Fread%26ref%3Dnull%26page_type%3Dcontent%26Content%3D%25E0%25B8%258B%25E0%25B8%25B5%2520%25E0%25B8%259E%25E0%25B8%25A4%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B9%258C%252C%25E0%25B8%2599%25E0%25B8%25B8%25E0%25B8%2599%25E0%25B8%25B4%25E0%25B8%25A7%2520%25E0%25B8%258A%25E0%25B8%25A7%25E0%25B8%25A3%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B8%2597%25E0%25B8%25A3%25E0%25B9%258C&sc=1&cookie_enabled=1&abxe=1&dt=1670972220777&lmt=1670972220&dlt=1670972219736&idt=951&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=346850570.1670972221&ga_sid=1670972221&ga_hid=928258813&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c66c1b91c7ced5e83b4764e793d2f1826d10bb1d83fd553f14d0935a1c430dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
286
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		358 KB
70 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3286347942355567&correlator=2834252417887590&eid=31070873&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=231599934%3A118556157%2Cdaradaily%2Ccontent%2Cbillboard%2Csticky%2Cinarticle%2Cpostarticle%2Cmiddle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7&prev_iu_szs=970x250%7C970x90%7C970x70%7C728x90%2C336x280%7C300x600%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C728x90&ifi=7&adks=2735541593%2C1281886047%2C3000546248%2C2940902746%2C2446396582&didk=2125396009~2125396011~2125396010~2125396005~2125396007&sfv=1-0-40&prev_scp=unit_type%3Dbillboard%7Cunit_type%3Dsticky%7Cunit_type%3Dinarticle%7Cunit_type%3Dpostarticle%7Cunit_type%3Dmiddle&eri=1&cust_params=url%3D%252Fnews%252F121632%252Fread%26ref%3Dnull%26page_type%3Dcontent%26Content%3D%25E0%25B8%258B%25E0%25B8%25B5%2520%25E0%25B8%259E%25E0%25B8%25A4%25E0%25B8%2581%25E0%25B8%25A9%25E0%25B9%258C%252C%25E0%25B8%2599%25E0%25B8%25B8%25E0%25B8%2599%25E0%25B8%25B4%25E0%25B8%25A7%2520%25E0%25B8%258A%25E0%25B8%25A7%25E0%25B8%25A3%25E0%25B8%25B4%25E0%25B8%2599%25E0%25B8%2597%25E0%25B8%25A3%25E0%25B9%258C&sc=1&cookie_enabled=1&abxe=1&dt=1670972220779&lmt=1670972220&dlt=1670972219736&idt=951&adxs=315%2C1033%2C-9%2C-9%2C-9&adys=222%2C413%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C-1&ucis=7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&frm=20&vis=1&psz=970x5%7C331x0%7C0x-1%7C0x-1%7C0x-1&msz=970x0%7C331x0%7C0x-1%7C0x-1%7C0x-1&fws=4%2C516%2C2%2C2%2C2&ohw=1600%2C1600%2C0%2C0%2C0&ga_vid=346850570.1670972221&ga_sid=1670972221&ga_hid=928258813&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a500a119fa5a1e2411f902f55918655210d3da348b9e8e4b444de9bc410fc5f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyQnc3Y9_sCFYX2dwodHJgFIw&gqi=&layout=/sadbundle/%24csp%253Der3%24/14674112099215987585/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2Qnc3Y9_sCFYX2dwodHJgFIw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16841678510429673680/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyQnc3Y9_sCFYX2dwodHJgFIw&gqi=&layout=/sadbundle/%24csp%253Der3%24/14674112099215987585/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2Qnc3Y9_sCFYX2dwodHJgFIw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16841678510429673680/index.html
date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71373
x-xss-protection
0
google-lineitem-id
-1,-1,-1,701481614,701481614
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138201437465,138201421845
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B865 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:00 GMT
expires
Wed, 13 Dec 2023 22:57:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5eadb3853810c64a037b947f6355ca7f98036d56bfb46ee9f51a01f881259ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 16:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 12 Dec 2023 16:19:01 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1751494371841879&ev=fb_page_view&dl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rl=&if=false&ts=1670972220791&sw=1600&sh=1200&at=
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Dec 2022 22:57:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1729ffa2-4712-4d77-991e-860328e1c6c1
https://www.daradaily.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.daradaily.com/1729ffa2-4712-4d77-991e-860328e1c6c1
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
64545ec5-08a5-46cd-8cae-1cabe7125827
https://www.daradaily.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.daradaily.com/64545ec5-08a5-46cd-8cae-1cabe7125827
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=587661651583893&ev=PageView&dl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rl=&if=false&ts=1670972220859&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670972220858.591767350&it=1670972220678&coo=false&exp=a0&rqm=GET
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Dec 2022 22:57:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
c.mgid.com/pv/ 		0
35 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1670972220867354066069&ogtitle=%E0%B8%AA%E0%B8%B4%E0%B9%89%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%A3%E0%B8%AD%E0%B8%84%E0%B8%AD%E0%B8%A2!%20%E0%B9%80%E0%B8%9C%E0%B8%A2%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%8B%E0%B8%B5%E0%B8%A3%E0%B8%B5%E0%B8%AA%E0%B9%8C%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E2%80%9C%E0%B8%8B%E0%B8%B5-%E0%B8%99%E0%B8%B8%E0%B8%99%E0%B8%B4%E0%B8%A7%E2%80%9D%20%E0%B8%97%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B8%87%E0%B8%9A%2030%20%E0%B8%A5%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B9%81%E0%B8%84%E0%B9%88%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%81%E0%B9%87%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%9F%E0%B8%B4%E0%B8%99%20%7C%20daradaily&uniqId=0e686&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&lu=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&sessionId=6399033d-0b493&pageView=1&pvid=1850db4a5c3b8de68a3&site=841419&implVersion=11&dpr=1&tfre=1132
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1380045.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77924bdc8bbe694f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
23d139ed-1d04-453d-abe3-9494a759c2c9
https://www.daradaily.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.daradaily.com/23d139ed-1d04-453d-abe3-9494a759c2c9
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SG1V0WFRNKXC6R
age
434
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
77924bdcabe5694f-FRA
expires
Wed, 14 Dec 2022 22:57:00 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SYWNNYNESPJ6F1
age
3370
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
77924bdcabe4694f-FRA
expires
Wed, 14 Dec 2022 22:57:00 GMT
1
servicer.mgid.com/1380045/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1380045/1?pv=5&cbuster=167097222093687405617&ogtitle=%E0%B8%AA%E0%B8%B4%E0%B9%89%E0%B8%99%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%A3%E0%B8%AD%E0%B8%84%E0%B8%AD%E0%B8%A2!%20%E0%B9%80%E0%B8%9C%E0%B8%A2%E0%B9%81%E0%B8%A5%E0%B9%89%E0%B8%A7%E0%B8%8B%E0%B8%B5%E0%B8%A3%E0%B8%B5%E0%B8%AA%E0%B9%8C%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E2%80%9C%E0%B8%8B%E0%B8%B5-%E0%B8%99%E0%B8%B8%E0%B8%99%E0%B8%B4%E0%B8%A7%E2%80%9D%20%E0%B8%97%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B8%87%E0%B8%9A%2030%20%E0%B8%A5%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B9%81%E0%B8%84%E0%B9%88%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%81%E0%B9%87%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A7%E0%B9%88%E0%B8%B2%E0%B8%9F%E0%B8%B4%E0%B8%99%20%7C%20daradaily&uniqId=0e686&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=770&h=4513&maxw_7=336&maxh_7=279&ident_p=true&cols=1&ref=&cxurl=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&lu=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&sessionId=6399033d-0b493&pageView=1&pvid=1850db4a5c3b8de68a3&implVersion=11&dpr=1&tfre=1201
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1380045.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1989403d28794c8a76c26567cb561ee74f94394e104209b13781f1bfcf2b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
77924bdcfc5d694f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi83NDI1MzAvNGQ4Y...
s-img.mgid.com/g/14817312/492x277/-/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14817312/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi83NDI1MzAvNGQ4YzcxNjY3Mzg4MDVhMjU0NjlmYjJlMjVkNDA0OWMuanBn.webp?v=1670972220-J_4_uiJa6kj7GsLh31C7DhJ9vSHBCjHe_PiGRcMM-p4
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1df3fad3327eaab1e23bdeb4f69c8d61eeff240442852bb3f68bca4c9ced333

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Sun, 04 Dec 2022 10:30:04 GMT
x-mg-request-uuid
2cd7ab51-8666-4307-952b-1554f5273f92
server
cloudflare
age
821053
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda85ebbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35498
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS82ODc2NDAvMzJlN...
s-img.mgid.com/g/14647890/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14647890/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS82ODc2NDAvMzJlNzVmY2Q1YzI5M2UxYzQxZmQ0NTA4NDA2MzJiY2UuanBn.webp?v=1670972220-OyfjvkF4VnAWyteZhiZatI8xdB4ZDf3or99SvmRHzgE
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c56f7e72b18b752e236fae96a8b0303c963fa7978407bd736a5e68c0f1f73da

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 14:37:41 GMT
x-mg-request-uuid
9701b710-c8b4-423b-b8d1-7d21a10c9119
server
cloudflare
age
139349
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda861bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16318
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZWM2M...
s-img.mgid.com/g/14594108/492x277/-/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14594108/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZWM2MGJlN2NiYTNmOTRiOGQ1ZmU2ZTU1N2ZlZDU4Y2YucG5n.webp?v=1670972220-DrDfOw3OFSsRlKrFzjbVDK_zQbaSpybAlFGD3fg5vpE
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9047ab649135eb522cbf5988742b96d79257149074b5c423059ca9ed874170c5

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Fri, 11 Nov 2022 00:40:52 GMT
x-mg-request-uuid
249111e6-119c-4671-a098-36a63702f4fb
server
cloudflare
age
2844709
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda863bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15658
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC80NzI3NjAvZGEwY...
s-img.mgid.com/g/14701459/492x277/-/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14701459/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC80NzI3NjAvZGEwYWY3NjVkNTM5NjRmZmZmMTM3NjcyMThhMjgzNzQuanBlZw.webp?v=1670972220-0Mt9hIaVSxlNHSz9EUGLcVrI8L0Kfwy4Z0Vxcki-_Zg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8113780bd512b317faf7c7f707e4da322adcd057bd6c71a523e4cc9faa4b5819

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 09:21:52 GMT
x-mg-request-uuid
c985b4d4-5adf-43ef-83e2-65010ffe93c5
server
cloudflare
age
1776909
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda864bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5768
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDA4LHlfMjI4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExL...
s-img.mgid.com/g/14496310/492x277/-/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14496310/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDA4LHlfMjI4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzI2NzQ2Ny83MzgzZWVlYTBhNDNjZTRhZThkMzdlOWM3N2EwOGY2Yy5qcGVn.webp?v=1670972220-V2cF9TKrc_N6z222YXnwfYtCJYpfznqWHIJBwnoc6cw
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456cf117c765c3c6a28677f45de39585ad979033a603662986270b83f8fdf5d3

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 08:13:35 GMT
x-mg-request-uuid
acdd974e-d7c6-4ba2-81d2-af718c081877
server
cloudflare
age
3595405
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda867bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30328
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2Y...
s-img.mgid.com/g/12290497/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12290497/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2YTM1NzFlMzgzY2U0MjYzZTIuanBn.webp?v=1670972220-NM9jyCtV3KUSE_7WbyXFnUR1DCwTE8hc_6ov1cn7UzA
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Mar 2022 09:30:40 GMT
x-mg-request-uuid
f6a87175-7545-43b8-9231-2cc7f68747b2
server
cloudflare
age
1426628
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda868bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19450
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvNTM1MTQ5LzJlYjE5NmVhMDJmM2RiMjU0NjU3YTVmNzM3NGI0ODUwLmpwZw.webp
s-img.mgid.com/g/6957977/492x277/0x0x492x277/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6957977/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvNTM1MTQ5LzJlYjE5NmVhMDJmM2RiMjU0NjU3YTVmNzM3NGI0ODUwLmpwZw.webp?v=1670972220-gj4TsekD6u8UYOvVndsrG5BYZ4AGRzIKiMfM3e_DLMk
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fa24d1260305e535e9d7fcc2d4760e9bb7bcc3991e7334d99f1cd6b8785bdf

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Oct 2022 12:11:42 GMT
x-mg-request-uuid
9ebf0fda-f7f4-41da-944b-198d45198d79
server
cloudflare
age
4234511
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda86abbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14066
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvZDY2O...
s-img.mgid.com/g/12658861/492x277/-/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12658861/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvZDY2OWJhNmYyMmUyMjBjMDhkOWRjNDIwNmU3OTkxMmIuanBlZw.webp?v=1670972220-UOuhI9Fb98oLd4q1ewOoZ4IOAujqv2LqgkJaK9_AonI
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b2183535267b95f234d1e6e91f8d693d488f85e1a9d7687e7d32ddb2ae5781

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Tue, 01 Nov 2022 08:51:02 GMT
x-mg-request-uuid
d77f7bfd-dc9e-41bf-866e-2b12b32009db
server
cloudflare
age
3679559
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bdda86dbbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5216
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMzQ0NTM4LzViMzdlZTVjMjg4OGE2MmZlNDQ2NTY5ZTRjY2UzMmI2LmpwZw.webp
s-img.mgid.com/g/6494490/492x277/0x0x492x277/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6494490/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMzQ0NTM4LzViMzdlZTVjMjg4OGE2MmZlNDQ2NTY5ZTRjY2UzMmI2LmpwZw.webp?v=1670972220-Z3mWwfEe1HCqYAi9NEeCZ2GAUffjeb6YVb5GMhXN5KU
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a74325135c617201d35fc332689dfa3c976d6e20ecf067a291d1fcab189f79a0

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 01:29:07 GMT
x-mg-request-uuid
6baf73ef-6bf0-400b-8406-e8ed157be120
server
cloudflare
age
4236449
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bddc892bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9418
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8yNDIxMzUvNmNlN...
s-img.mgid.com/g/14875053/492x277/-/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14875053/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8yNDIxMzUvNmNlNjU5NWQ5ZmMwYzMyOTUzYmVkMDAxODkyYjkwMzEuanBn.webp?v=1670972220-nJUTwrtE5ioTwVCCN7NoJ_g24VqH-mwRptp2LmfC-AU
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457af336b7fa12a38ebb2ef0f1004dcc27643c52800c29c72ef4fc0f895ae4fa

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 09:59:38 GMT
x-mg-request-uuid
ce254187-a740-44ad-ac48-40d5328b794e
server
cloudflare
age
132016
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bddc894bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6832
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzUzNTE0OS9mNTMxNDMxNjI0ZjkyNzU3MzgxY...
s-img.mgid.com/g/11249008/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11249008/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzUzNTE0OS9mNTMxNDMxNjI0ZjkyNzU3MzgxYWU1Mjk2MzkwMDkyZi5qcGc.webp?v=1670972220-481p5xoYLGHFxHeOallrIXPuQOuLGoyslrFTsIiEzlM
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f42daca24ad58ae6f5bf45288909fe1e0f65906bf0a9bacfd13240e9ca335

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 20:38:06 GMT
x-mg-request-uuid
fa75fc06-bf54-4e42-9007-dcddf5fba7a3
server
cloudflare
age
1014594
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bddc897bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21404
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS82NzI5NTUvN2Y2M...
s-img.mgid.com/g/12997087/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12997087/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS82NzI5NTUvN2Y2M2ViNDExNjM4MzBlMTkzYjllMzc0ODYwZmVkZmQuanBn.webp?v=1670972220-Yww_JjqyI27lDyyFcKSU70hwPhEi9oMxwSd-07BP_-Y
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4f8329b54631b000d854fe51e77ddb147a8c3263366e9b0141d66b0b36944c

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Oct 2022 19:25:05 GMT
x-mg-request-uuid
f8bd5d82-7dfc-470a-8a02-737861b40fbd
server
cloudflare
age
4234138
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bddc899bbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18868
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi83NDI1MzAvYzBkM...
s-img.mgid.com/g/14891899/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14891899/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi83NDI1MzAvYzBkMjgxNzFkYWI4MTlhZDFhNWQ5NjJlZDU1NzViMWEuanBn.webp?v=1670972220-xCUdHYVq3m7amsnHaHKfk2r2dehJJDAnkNwedZqVqaM
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1618f9005ddfc8a2a16d37e0f92e0a2ffc5257299fa2c62f374accefdeec63bc

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Tue, 13 Dec 2022 12:31:17 GMT
x-mg-request-uuid
86d94a82-d6de-455c-bf59-287b22179d7a
server
cloudflare
age
37259
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bddc89abbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16144
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvNDMxY...
s-img.mgid.com/g/12659619/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12659619/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvNDMxYmUxMzA4MzYwMDE2Y2EyZDJmYzBlYzE1N2VlNDMuanBlZw.webp?v=1670972220-37G9BgMwvI5Fmhmh-fKCNrxrjUsBVNbBwuxPCEGzswg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67da78e96433060552b1ae05533f8459a2b3f76b3921a8343f976734be216e1

Request headers

Referer
https://www.daradaily.com/
Origin
https://www.daradaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
HIT
last-modified
Mon, 23 May 2022 09:22:12 GMT
x-mg-request-uuid
78df7b89-4b7a-40c1-83aa-6b4b8a3bb353
server
cloudflare
age
4236351
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
77924bddc89bbbe3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17734
579c9a0da32694ab366b9e690c1b38bd.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-07/369403/ 		598 KB
600 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-07/369403/579c9a0da32694ab366b9e690c1b38bd.mp4?v=1670972220-bjdUsOdYx8NQTq-uLQAkQ5Y3wzavxPbvj_K_3-MXM8E
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9040 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d2d03a1dc79014bee40eaa3ae9e3e2de7f9f528bc6210a4f3b54ce64609a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.daradaily.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
cf-cache-status
HIT
age
530535
Content-Range
bytes 0-612749/612750
server-timing
fastly;dur=2;cpu=1;start=2022-12-07T19:33:19.201Z;desc=hit,rtt;dur=0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
612750
last-modified
Tue, 25 Oct 2022 21:54:29 GMT
server
cloudflare
etag
"31233dd0874bce9646e41051990ffc6a"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
77924bddcab590e6-FRA
expires
Wed, 13 Dec 2023 22:57:01 GMT
int_exchange_wages_ad.svg
cdn.mgid.com/images/mgid/ 		1 KB
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/int_exchange_wages_ad.svg
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
5FEWVNTYH4XY0BX8
age
2725
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
k+adrVf6bTi5y7VcvktaWl+n9ltNdRx9sZBU8f4ad0wBtKi7Xf3T8iY0buFEhPUzuRmwL7VROLM=
last-modified
Mon, 04 May 2020 12:16:53 GMT
server
cloudflare
etag
W/"37346cd2daeeec771e8ffe3a34ef43ea"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
77924bdd7cafbb35-FRA
expires
Wed, 14 Dec 2022 22:57:01 GMT
i.js
cm.mgid.com/ 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1670972221034541496222
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1380045.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
77924bdd9d2c694f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 92D9 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=167097222104230545288
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1380045.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
77924bdddd99694f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1380045.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS6079NF7R64H2CK
age
1809
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77924bde4a369bfa-FRA
x-amz-id-2
2mxyvxkHDv8YVtTpVImJWzSJ6t9LE3MMZGFNY9vGEvXz3eTx52Vj7bVgYIduyNqIsbtyyLaxBsg=
daradaily.com.1396708.es6.js
jsc.mgid.com/d/a/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/d/a/daradaily.com.1396708.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/a/daradaily.com.1396708.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77fa1b8402dbaeb5481fdfeabb715aaca7651d2ffdabb3d5409e650d92beea7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
x-amz-version-id
T8PzmP7m9QZ.eXnebjG7tquJOtE2PyqA
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
CHCB7RJRGMEWRA6N
cf-polished
origSize=268893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
t4wwrWsqQzovG/W6DMlWdd3BIX1paBiPaaw5+Wlh6Lh6IuWpl7R8fHYGSq/I8jyZtvuOnCPmTWw=
cf-bgj
minify
last-modified
Sun, 11 Dec 2022 08:33:43 GMT
server
cloudflare
etag
W/"08fabebd94fc300b145cab782a09779f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
77924bde7e63bb35-FRA
expires
Wed, 14 Dec 2022 01:57:01 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
48d2a24a1804fa11cbe51e0d02c98b1323792a9a1248bbaa690169798b7d6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.daradaily.com
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
635d346ec4f2667bbe5dc17bec5c819b66ce9a02bea4dd9250b9727eadf26d1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.daradaily.com
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
container.html
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F871 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:00 GMT
expires
Wed, 13 Dec 2023 22:57:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47F9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:00 GMT
expires
Wed, 13 Dec 2023 22:57:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 47F9 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 05:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 05:50:11 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F871 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 05:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
server
cafe
etag
5752131211420753933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 05:50:11 GMT
/
www.facebook.com/tr/ Frame A864 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.daradaily.com
Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.daradaily.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:26:25 GMT
content-encoding
gzip
age
106236
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Dec 2023 17:26:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Dec 2022 22:57:01 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7349
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGdYRXjTqRLF10vDuBUfL8%2FJXeG8lzTO1YTjgqOro4bBot30BqDKxXw1yWxYz36WBceQsWSWmNZpn8Njos6WKLwIsOyxvXRW5BIF1XWAUhuI0ARwIV6taOOwrtpRfy8GzcLkibJ2TX%2BLxKN4%2Bsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77924be00812bbdd-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS623DQBY0CG4WQ2
age
3035
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77924bdfed399bfa-FRA
x-amz-id-2
opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 06:30:00 GMT
content-encoding
gzip
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
59222
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
E3Y98hwoAoTxhSXFBy-h_PQsd8_4f8VIqbQiaYmnuVbe4y2G4kuF8Q==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		983 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7400:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a098542163dc535e0e3c4ed1bca8fcc8a13f0b827027385af73b8d3db5fa38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 01:20:14 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Dec 2022 01:20:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
77808
ETag
"0e5a5daa4df15b9fd6c9195ac991749e"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
983
X-Amz-Cf-Id
NcTHKK87KFb6uKneBLEOvSnbi9b8VYIOJyiLQBCQ1JQ7KAftbjWYrw==
container.html
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B020 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:00 GMT
expires
Wed, 13 Dec 2023 22:57:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1A88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLfjoBNKMRrllXJtF3l2mNUDcsncY3-QNMh5AYzIFLexTBe_ZYQKnAsloZg0Hhi7VrB0akovQjt3kuAxeXshogRpO0e1yZLbzWPi0uNc0lBg-l_K1QTGqfDJJmJ9-ZIoOA5FrSwB83E9BsezimF6-Sgd_MlN8Bkew7Vk4vTfnt-UNifOWtOOahZ54a_Tz2CTI-YImDjriCJ-LojULwP5tMR65oeOSo1TB23_SArWV5F9hNRQPpMTQ8W9_YcFl01U7MHUe5OAf16zWyZJt0OBu0MADdfQY58jRtJpZ0s6x_nQRT5x5tmCgOvLkSxxeUqFBxk7xZBhkgQv5Px_CT3Rh-7ksIjg2dNGBaR703K8AvlKWJN_3ITpfyNXHP-g&sai=AMfl-YSaM_SRrd8NoYKsHJ71qAxhasTnkf9Ln8FUYZ8pdfG3P9FX65hpJ1-KMJ1-uGHcsK5bCW2mG0dk80FYW_0qekFDpHpKFj7XV79Cu9clJMgS99_KafsahJS2rW_nyaDelw&sig=Cg0ArKJSzLBkkCGgGCROEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
uct.js
anymind360.com/js/prebid_creative/ Frame 1A88 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/prebid_creative/uct.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 07 Dec 2022 17:52:53 GMT
date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
18246
x-guploader-uploadid
ADPycdv3rl3fgPnFJzX77qeVsZsXj-VWSbXFSxuXEHzxa3owduOH6s8A0fclY5fyFa1F-EP6YNBDuSHA9U8QCpRypj5q6A
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8280
x-served-by
cache-tyo11930-TYO, cache-hhn-etou8220029-HHN
last-modified
Fri, 10 Dec 2021 08:36:59 GMT
server
UploadServer
x-timer
S1670972221.440179,VS0,VE1
etag
"32935b1d2878254c40c430821f9ad672"
vary
Accept-Encoding
x-goog-generation
1639125419758288
content-language
en
access-control-allow-origin
*
x-goog-hash
crc32c=MQ+Z5Q==, md5=MpNbHSh4JUxAxDCCH5rWcg==
access-control-expose-headers
Content-Type
cache-control
max-age=86400
x-goog-stored-content-length
8280
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
342, 1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A88 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:01 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B020 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3xj-PAOZY_WyNtKUjuwP8K2-oA7ukrWTXL-ihcfkBcCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgShAk_QT6fTtzb62CYNTYI6qe51B2bH9F05cao6ARfWHPxhIy-lkhpp_liZA8tueAKh0c16C6MDTeXntC0Z6TOuG4D6wuUEFtyCnffSEGmGKA2kFCckSw08J9NT_gbNcdXojBleS8byYhIsFHeUMvZe70tSbeA1zvIbJ2V59nXUIb0TjgagclEAXgdPWu_hQTcUPFcE8LVlz29UtDNt1r73dsfecnPW8DCTN_lJKwjauJ837eV6nlzgnefhVPCDOblVLWCsR9vTi-QK4oMo6Cixa50ayLmrnMMErpaSSezT3u31pGFciCp62LapU5IODinUJ14WLROcGZNYXo2GDHmIm2xUEGCPibaeoRL28vy0y3Y8oaE2VsLBL1f7qhEkHtTnh73gBAGABs_N_f6MqfGrxwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi04NDkzODg2MzU1NTg3NDAzgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=-XDmwOUsK8Q&uach_m=[UACH]&cid=CAQSPADq26N93XgAjnFfkPdzH7ztB8St4BQO2lc_li7A1h9vEJEbjOTVeoKiubWtewtxd9BhTWxtqNi_HnFraBgBIBM
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ttj
ib.3lift.com/ Frame B020 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_desktop_300x250&tid=210
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
/
Resource Hash
1f2e660330caba3a0caa7d0f42b8a12e9f94e21959ef43dc3ac850590411baeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:51:44 GMT
content-encoding
gzip
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
709
etag
"a0b5156026edd66c8401807c76134d0bf5ea13f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-length
4507
x-amz-cf-id
aZiaDF60xgyainEZV4XxwSOXWLWcGtda6aPKTQfop4pr9ycgc0ycVQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B020 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B020 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
21052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
l
www.google.com/ads/measurement/ Frame B020 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfRp74jjKiHkmaQ5YsT-bXJC39DKa-NObtNW5AlzRztlBIGsA10ViuChWHI5CqqWcb-beNlErS9BMAmVodGVeFDdz8ag
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B020 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
36543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 12:47:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B020 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:01 GMT
notify
tlx.3lift.com/s2s/ Frame B020 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=Y5kDPAANmXUHg4pSAA-W8E20zRSZYk0qLB9dFQ&ts=1670972221&aid=6311519678150453820750&ec=2460_92349_106543317&n=Gs4EaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5Lzc0MjlhNmRkLTdiMzktMTFlZC04ZGE0LTFjMmFjZmQzODEwOS8wLjAxNC9KSVI3WUJBWTVQUzRPNURHNklYNVdKVklTTTZZSVpJMkRCQ0FXQUNVMzc0WVNaMkhGNlRTMkVMQkRDTUk1TjRVQ043Q0U2Wk1OQkFaVVdZNVBPRVpBVU1KS0NNNlA2SUZLU081N0RCT1RETEtaRzY1NUpFVDczVUxHSVBMWFlJUk5JNzRCQVBJNlhHTVJMUVVSRlg0Q1JDTUU2T1dVTzRISVRZM0pHVlhEM1UyWEtRT1hWQVBCV1RZTzVCNVoyRlJDRU9aMkZXRkdRS0YyUU9FV0dCUkQ0SE5SVk1SSks2QUlVVVpGWFdYU1FIUlVSTTRPSkxIQkJFUkNBUTVMUUJYTDc1Rlk0WVU0U0lLWTdKWEg1REVGM0xCVzNQNUJaQTdPN1RTWFFaQ0VWN0M3TjVCWEdDTURNV0RZQjVTVjRPSkNMQlYzR05CTjM1MldER1BWVjdKUURKSTM2T0lDS0VUSkk1QzZTQ0pWM0c0SUU1V1FUR1NNNEVSU0g1MjZINkRNVk5EQUxKU1Q1SDNINjdORkpJT1kzVVNUNlZVM1FJSzNaQVYyUjVWQlBFMkxGSE9VRzdOQkE0RFlLU1pJSVI0RlpVUFMzVVJSQkFLQUVDTDJES083SjNIRlZMRUdMQkEzTlhMMjJRLz%2FyAr8BCAASFjYzMTE1MTk2NzgxNTA0NTM4MjA3NTAYACABKJwTML3RBUABSABQAGAKaABw0PIhkAEAmAEAqAEAuAEKwAELyAEO8AHSAfgBDoACC5ECAAAAAAAA8D%2BZAuF6FK5H4co%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgCvzGAA6wCiAP6AZADAJgDAKADALgD0MIPyAMA0gMJMTA2NTQzMzE34APxvb0y6QMAAAAAAAAAAPADDvkDAAAAAAAAAAD4AgWIAwCSAwRkYmE4mAMAoAP33haoAwA%3D
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.76.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-76-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame B020 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=6311519678150453820750
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/ Frame A74D 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ea8daf45136819365c897010c0f185d534a7dc553578ec156f9c8db72449e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
375629
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4754
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 14:36:32 GMT
expires
Sat, 09 Dec 2023 14:36:32 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 47F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaGEmPAOZY42CNIXt3wOcsJaYAvGHuPJticiT7L4QjqTeoKgwEAEg3sH5OmCVgoCAoAegAbKKwaoByAEJqQJY_JU4tsaoPuACAKgDAcgDSKoEhAJP0MB3Es0GZD1V3bPDtrfEqYYt9CsY_9cVrRmXvdAPGy7GYPWiiH9QXN9Y4ExZAMAdF2H4E5Z8OB1-lEuxeHsNEht3xQToh8076yFJaS3g_4DxNEVI00hkhg3iJcuFmemfjdXcmne8pl3Tnlh_8cy7aCw3yCgwmZyqvqL-bPV0tToMtbSLR3tiS_DMUUSW7fUbXkN-49S17Z7Pzs9acAn22qqtNKWUpiMAr3FLjIY6pZefR8NtU2JGNN9xAmwvXmLu8CzC9B2wU8T6uB8Y-NIkPXsUQkRUh23kpZhlL-r1-FM9D6KXlXHQ2DrbXYu8V_lomx0S7WDpOG-_70A6h5fAVsXmYMAE14XMoKIE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQw50a0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwMTY1MjA1NTg5MjExNDaACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzk3MzE4OTkzNzUzMTQ2MhjGhSQ&sigh=lyDgrGDl-0c&uach_m=[UACH]&cid=CAQSOwDq26N9WcPP-G4Pz5yn7bfXwek9J7_QQ_pfVEfcC2sypiK3UzluM9TWAqupqYF9qXaqFEvKZEjwpOi_GAEgEw&template_id=419
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 47F9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
21052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame BA42 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aae23a1a146a8276a47a9aaa6b54f499f8f433d9acf7ae65920fd168de57e42
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
202077
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4695
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 14:49:04 GMT
expires
Mon, 11 Dec 2023 14:49:04 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F871 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4XfsPAOZY4yCNIXt3wOcsJaYAvGHuPJtycqT7L4QjqTeoKgwEAEg3sH5OmCVgoCAoAegAbKKwaoByAEJqQJY_JU4tsaoPuACAKgDAcgDSKoEgQJP0NPKsCDafQHqGcuEu2n9tUsX6bRdkBBc2_JkIXwTAhBcWD2hT1IrGrSQQaMYFoDiB91Nxz8spJA6637jzt6agi8RBfDzWpyVsM3mDL5aOp6n0KfvyuiVeOyUjJDR44Sk54PR4QCUEp9_AksyPe9zGzbB7N9XtJsnJ_NvWTjl5dm58M5ZOL3GpOkoA9cnv128EO5cKDQO33Jjb-aaH0hxJ9BRtmHpqLdsJF1nOwZd6eFG4OEygRJcClgWFZop7waFjZlDH-CGpVoigmUNJgRPpJFmY-D9N86HC1lfV7v6j8-xj6yaEmXzh22Ch1LWrD8y64VXcKK8y0UyKZiX8O51uMAE14XMoKIE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQjqoK0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwMTY1MjA1NTg5MjExNDaACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzk3MzE4OTkzNzUzMTQ2MhjGhSQ&sigh=JrvKwqD3U6E&uach_m=[UACH]&cid=CAQSOwDq26N9WcPP-G4Pz5yn7bfXwek9J7_QQ_pfVEfcC2sypiK3UzluM9TWAqupqYF9qXaqFEvKZEjwpOi_GAEgEw&template_id=419
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F871 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
21052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
advert.gif
code.th.giraff.io/data/ 		43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.241.51.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
last-modified
Mon, 15 Aug 2022 17:16:01 GMT
server
nginx
x-mg-request-uuid
c3c6e97f-4e88-45d6-a220-710626827a20
etag
"62fa7f51-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
43
expires
Tue, 13 Dec 2022 22:58:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B47E 		281 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO0soIEEMvVoocEGOnr19sBMAE&v=APEucNWYf6D5lF6tHuJTRVI_qUOSWwgGauTTcEI9q0a66SOXjad3qzv9a25b-hZsf8Yw-cLJu948gfTnj2auMu1J4mOeoBuFV6OzKn4retgnrKWPfGbS7bk
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1A88 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27387
x-xss-protection
0
server
cafe
etag
15442950961169408521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 22:57:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A88 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ap86Rd9gdSFV9YlmgfENpmknVYgbp1qXm8Wr0PyUwWqhBzKOcc3qJCfrbMlGp5G2bJ6ZwIhUHtZtZnfzAJNeKuJkmuEq1uJnfykd2ebpuiHLDY7Vg
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A88 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6088413601046698194&x=6&ct=2
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.daradaily.com
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rid=esp&cc=1
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c11f9cd2e6dc0ee254b0cc76fbff8a23b10f123b927d20bc025b47bc2142143e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-iDUW6Yzc61IXmvCOwIzweUuCyEE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.daradaily.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 13 Dec 2022 22:57:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.daradaily.com
location
/esp?url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d66721d28142c179431764b4de1bf5c548fadc0c50f7928f38491224142ea17e

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache
x-server
10.45.4.119
access-control-allow-credentials
true
content-length
60
expires
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A74D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
14324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 14 Dec 2022 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A74D 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
47763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 14 Dec 2022 09:40:58 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/ Frame A74D 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 13:05:23 GMT
age
381098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 13:05:23 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BA42 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
14324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 14 Dec 2022 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BA42 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
47763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 14 Dec 2022 09:40:58 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame BA42 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 19:36:47 GMT
age
357614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 19:36:47 GMT
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame B020 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_desktop_300x250&tid=210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
458121
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
Yo46YstLIypPOyXvtBoT5LtsD3zuyAElzShkZ3l5Ns8UqUySTHAzeQ==
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1E35 		143 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F871 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F871 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
21052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F165 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 47F9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
72
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 22:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 47F9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
21052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 17:06:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 42FF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
42925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 11:01:36 GMT
etag
48472445140208031
expires
Wed, 14 Dec 2022 11:01:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B020 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92f8bf0a90eef64467b8971d5480d6a1c3ceca0740eb3c16503728f820686ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
121632
www.daradaily.com/uat/getviewscount/news/ 		7 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.daradaily.com/uat/getviewscount/news/121632
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/module/js/jquery-2.1.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx / PHP/7.3.4
Resource Hash
d17791254515a2908f550bdf465d839dd204cd81793766e549c5d2468e801450

Request headers

Accept
*/*
Referer
https://www.daradaily.com/news/121632/read
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:56:23 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.4
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/ 		677 B
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Armata
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/module/js/js-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbc5bbab43674aff8c128dc7960ff91ff4e643bd5442600e6a8d299153c11253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 22:27:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 22:57:01 GMT
lightbox-next.png
www.daradaily.com/module/js/skins/default/ 		829 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/js/skins/default/lightbox-next.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
cef2c38cd259f4fa99611d69ca9930adb4918e77fc90ca0d49af702247d6618c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:23 GMT
last-modified
Tue, 29 Nov 2016 16:31:48 GMT
server
nginx
etag
"583dad74-33d"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
829
expires
Wed, 13 Dec 2023 22:56:23 GMT
lightbox-prev.png
www.daradaily.com/module/js/skins/default/ 		833 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/js/skins/default/lightbox-prev.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
325be08d0c3ffaba7ea9058845248de75051d01178ac8eb51040b3e01951eb65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:23 GMT
last-modified
Tue, 29 Nov 2016 16:31:48 GMT
server
nginx
etag
"583dad74-341"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
833
expires
Wed, 13 Dec 2023 22:56:23 GMT
lightbox-close.png
www.daradaily.com/module/js/skins/default/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/module/js/skins/default/lightbox-close.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
0a7f204307f7db5171cdc82798173202690580603926ce2fe26915c6f5926823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:23 GMT
last-modified
Tue, 29 Nov 2016 16:31:48 GMT
server
nginx
etag
"583dad74-636"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1590
expires
Wed, 13 Dec 2023 22:56:23 GMT
up.png
www.daradaily.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daradaily.com/images/up.png
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.223.32.15 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-111.223.32.15.revip.proen.co.th
Software
nginx /
Resource Hash
4b0a82e0d397475ec86ce7d404502968cf2f901ba03d62197e01864d814d1447

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/news/121632/read
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:23 GMT
last-modified
Wed, 16 Aug 2017 11:51:26 GMT
server
nginx
etag
"599431be-aca"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2762
expires
Wed, 13 Dec 2023 22:56:23 GMT
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame 471A 		320 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.daradaily.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105445
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 22:57:01 GMT
etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
last-modified
Wed, 02 Nov 2022 19:36:59 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-eddf8230068-FRA
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
comments.php
www.facebook.com/v2.8/plugins/ Frame E008 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/comments.php?app_id=1751494371841879&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18bda30802d3e8%26domain%3Dwww.daradaily.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.daradaily.com%252Ffe172720888b44%26relation%3Dparent.parent&container_width=770&height=100&href=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&locale=en_US&numposts=10&sdk=joey&version=v2.8&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a40318ea7aeb27c2eb713209791687d4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 13 Dec 2022 22:57:01 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
qM0utya7eY2wHPYZTroGxXwZQR8gLU4lleNvwrMC7PT7CHItoEgIlP/iuUijZl8twD767iyLo6hcz2+pkTKs9w==
x-frame-options
DENY
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 56B2 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e0f06646d7764cf20d921066cbce601d72ce1a9b7363662730a1f69a3346b350
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XYaTpW1I_9ilWV4SCawADw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23213
content-security-policy
script-src 'report-sample' 'nonce-XYaTpW1I_9ilWV4SCawADw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generic
match.adsrvr.org/track/cmf/ Frame B47E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEADxSU40oRkTjoVgNymEZ2o&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEADxSU40oRkTjoVgNymEZ2o&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=0eedbda833cf380435682f1dc9e0afed&uid=0eedbda833cf380435682f1dc9e0a...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO0soIEEMvVoocEGOnr19sBMAE&v=APEucNWYf6D5lF6tHuJTRVI_qUOSWwgGauTTcEI9q0a66SOXjad3qzv9a25b-hZsf8Yw-cLJu948gfTnj2auMu1J4mOeoBuFV6OzKn4retgnrKWPfGbS7bk
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:02 GMT
Last-Modified
Tue, 13 Dec 2022 22:57:02 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B47E 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNO0soIEEMvVoocEGOnr19sBMAE&v=APEucNWYf6D5lF6tHuJTRVI_qUOSWwgGauTTcEI9q0a66SOXjad3qzv9a25b-hZsf8Yw-cLJu948gfTnj2auMu1J4mOeoBuFV6OzKn4retgnrKWPfGbS7bk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
231.json
id5-sync.com/g/v2/ 		216 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
55fc4f9406f21efa7d353ee3c259f6aaf9eb9a07244f1bcf9bd92225894a99a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.daradaily.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.daradaily.com
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
syncframe
gum.criteo.com/ Frame C036 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.daradaily.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
server
Kestrel
server-processing-duration-in-ticks
473932
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1806075967797&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1806075967797&version=m202209210101&ct=2&x=6&cor=6088413601046698000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1A88 		68 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz1tT1szz7c2pWe5VTlfQ_NhJhsmgHmf9VukZU65oW44dKe7KWFFobf-EosD0w48CAWxfnaGOP1ob3GbbF4TgxTnevbyXA0awUPEJ418LHyH4jS3r6F6imp3s6r3zyiWqRx2CTZGMHZgPUatrNGT-K2gR4456gH7YcROcH643dPkxo8ZA&cry=1&dbm_d=AKAmf-Dgp89SSsdaBoU4NhwiZnu5FZuwi2yNoTyoXKR_ird5auDaaIeA7qytaWHwTcF2PZpZe8RMlxK_cdduQmqFlYZQlzpqPK_VHg5LuACYOyhaegWt6t0bK4EXiMAJrrTOT_eJ1-2djaHvi0AnFjuTEvViDrk2UPcCb1o1cyhumC1HK_1SvYE_jOHaV-cwlFbZGSEXEklSJj-nU03G1JnYgYAf8LI20WjzqdGmh2PBcdyjuwVVtWJ990t3wq3yKDQwj3-Nk0pfKSIKS0qKAkChs3W5M5ji-LAAFvD4vb_EhDh42FmNoceDNvqz2E63ffKa5KpQ04viqSnYHIMx85JxGHCn76-Jmqaqg1K3offZkuFF34AoSyJnorV_OPaeKwPNdnY39iF4YfqZJz_wKUwHb_RfkjcyfnRqxG0AvOE9UYFk6bMi66Us1uSk6BCgdyUPQ6igv63qJ_iH4nuXWQszM9v8eEfZOzFuL7_md25n8GUeAM3AWoUQ1OK58hwSNAa6MzRGxwNqfRugajAN33htDm6t3RAYMDGYuYqmenlZmqaexhoc2T0-LU0l5x5JB2-UkGRWkPft9I2EW5MVB3ifa4PgyQ8nypqGwT8EDIFgLHMrdfdn8wSNbfsDw1eN5mlA3zG7KUyz3MuCwBAFSkk7WVctv09Tu3yO2ISh-zaRtnsoDG1DfgjSj48PGotbj3NlhiByJjYclh5ILhwrH_6g1O_wA5WKQ5bHakpL1onEpJjQcT82J4m1hWulDymR5traUkjQbQ8h99zAb3lHztAGN65H8HJw2uSdxc45Ng8gof_odebuTkYgrWoOGO-ov_Ww6dfJwdzTuP_rS-070hWBBCwdXhnjaE_xVowD0DPsnuvWqVjCNQouXaaOMxgHGoi209eXXE57ubiaPEdUSaqC2fGJ5ypwaPu42dnq6H6tDHiJ_QIvP-3xI2bcIPXWQh2l_7xds3B_j3Pb6j9kUvTd3JNXr7juiFfzxd8NSans34VHG7-MJAjjFJG9Kkk5WNAClc3A6qC0IbIlTOa6O_TmxHZ3A5uYG0OBpUhUfY_D63goZZJfspFSURzCwqEkB6wZBfYRnHakyrIaz71S9_JNSP1AHJaW6zazuYdGiAWLlEOjfj3dIWpRhZRof9mxoY5wtiCMpn4ZPzSbOapdbvb9lloUD6QherUU42raGf3KkC0xjvC5l4itSi3iT6aklcRNV2upEF2i11zELjKJUA0U1Usqn9tdVROu3nRQu79oyO1Aw6p3InBcB5xla1dlMQaHQjAuZt1LyMQiL8-RbGXtBvY9QvF4XITTmjRQ7JTrUblbtrKt83DpvLLKaw69L_Wi-UI-PmIW9aanWoevmy7Zs9YGjc9YT8hrkZePNYi6hNsGD9TBiNIB94T2_ByKQMvl_uPKXAtBqh129ihc9PQnZN7yBT8fIaBjwJpIri7b53IHoLW85KvYvY7SOAgyhHI-Mx1xIt0PHBNIUxVc6dnRRkXUm8h1ztgpr7pCAqqgEw1WIsG7DKwxyu_72gEwuvXoy9zcRPsslB-Nwd1TUwI8m7LUvPq2cqQi1NfazaEDaSnXz0aCbDOKzJ17VIbxf1ps_-R5UQp1hZzVU_LQtXWPQkfKJf36yi-hVcf9T_kNucFFstG4h8okHIN40_eF_VPdZwNmQggHvBLQtoayD5rT_A8SrinGIom9A1pOzvpCpsncQUqjw7wEyf6ZNiylxhBZ4vT-lfZQVKRCOwVRGLn6-IVzvoIbYHWRsPpq7saIAdRLlhvktPdhuteH0LXJSv2AgFo9jUgMw20BtKH4MKClgVqhdMERDHVkMREh20DE6dyqakkdmMN_05PtT3IGPalAwNHmCmmKyujTn4H3aCfgPTGJiaFB71URdcwY8x_7fwziACtLXZiJ14Z2cH_4XUkcFmOnGZ6X7GRmFXgpWtdkjyfGsYNGz6Q5CA1lTeYBuDWGDRo9H1chJes4QDxytbaDU-3O4ZH0QZdfH8-q7jdAvtJb0kmOTF8i2VnfLEJfp1TY_EmAnqLAAnd4jj0QZ-hpoeS2JZ2CAa8ewe0l6XQcEBlgbngTZEGpKvmRjX1CBhvbRN9dv9toWwzvv1pTyNaJ6y9HmN1Q61CI7G0VbsZHKVmezOjxyclRmeOdJ-D2CJT4MOdjo7PXrrS-1w7ALtj96e35KwnLw5xfTsrvdk3jJqsOo2qsO-aVak1EfHid14Qg8PZKe-pqUoIytmb5HeUpo-541w6zXYdKt9-tw72dWg4exvu6ATV7E-NvFCb85pb4I9fagldLpuDKaaATLB_YAa7CYaLn5v6N6NdI8_ltpVEV7H7sVPTbbEMcuHijsLLabh3XTJFIf1udLx1VSNQhI21x0cVacFhS5pOwFjHIOdnGRNqanYP4Sx1FVSF452-e7cda1WhUaQe0vidLxzFR1sK3ju58F3a50Yrig7KG1p9F9525_kcpxkqCyOVcut9pWSQkSssGTGWik95QHgrBkEoRMD47OnmDbX4xz7eW4rvETDI-bFiwxYiWXdrWnww220ryc-mPLDVFPGn4zV5-ZLGS2mXoj80PPCjGiBTMi3U27RnyMz8efix3B-h94jJ2qBB3GUHSb88hN0bbfPYyLC-JWNCkWMQenkZsy4DixubBTuMKcZbqSx_YeYl3lgcrWwktXyEK9mSaraWZ5qWJJQx_wlnN8E10wXKN0cUo0Iq6QCP9rTpPCj5UHRbe7K1n3rBJApsjr_chLSvyvTPWDIZAl_bw-6M8gmTcnKfNE2BL4QQrWvOVbWqdcrXVd2A0m1dFrLCpqa9AxW46GfbvJnKYCQ7xwna0N82h6akQV5j_L8wpl8WqtkT6RhzbsMPbC8cCIkPDflLSfIC_8IR0tzjT1photPVn9nC28DSG94sxoY-vpj8d8ZQ4vRxG6Z0YTH66StilXtO_BHUHLWP3APcfWNe4-8uopRABXuCA2SI0luPCi4bfGUDH343LcAp5wQXV3FvJX6avvIm6_mdyvbf4Wv8pKtHbJUsnYdkW6zNbhgE6B2sAwHS4l1g1E9jyorkEs0h9KkYOY8lhbNohqcPau52w-WfVfnlK07oy4uAxn8W646Y3-m_pXxM_lCdTOpBwFRHFKHILDpMXoUnNkyWmhIShl_IUh38MEc0bPd5BaKQMtPEo2WcXgfEd8TINWilMrxPdaI6c75zaOEk3mLBPmmDe&pr=6%3A0.013035&cid=CAQSGwDq26N9h8Y3V-GVtrQX1Ti7xI6PK2eGiEwjPBgBIAo&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1ODQ5NyZzaXRlSWQ9ODU1ODk2JmFkSWQ9Mzk2MzU1NiZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwODAwMjk4MzMyMDA4OTExNDE3JmFkU2VydmVySWQ9MjQzJmltcGlkPThBNzM4OTk5LTY4QjktNEUxQy1CQjY0LURFQ0FENkJFMDBGOCZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ds=l&xdt=0&iif=1&cor=6088413601046698000&adk=2278428452&idt=110&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bed53d81953fcfde16da7b82982d45753b58b7b05016005351a11cac4ef7702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33536
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 56B2 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:35:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 56B2 		403 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 22:56:49 GMT
settings
syndication.twitter.com/ Frame 471A 		1 KB
722 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=2c41091bc36cdddc7e773c2589a63af5b0b0f5ae
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.daradaily.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
35d05550e6b74af381716ccae2c9d1a5e6eb8ae78eb80c43a4f1d55ecc4d2250
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
109
date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 13 Dec 2022 22:57:01 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
27fd89889a40ed2c
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
900ceb47894679a37d76b6a0993ccf1caa0cac3601b330e9f145ac3db5e36d5a
content-length
402
css
fonts.googleapis.com/ Frame A74D 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 21:22:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 22:57:01 GMT
5f95c1cc2919a9df28388531193350bf.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/ Frame A74D 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/5f95c1cc2919a9df28388531193350bf.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bf984fa8148b2e414f2ae7d828c483accdd0426ad8cb1883280a2c801cedae5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 15:58:11 GMT
x-content-type-options
nosniff
age
370730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28070
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 15:58:11 GMT
24e8b2c8dde80786640a2d9b9270037d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/ Frame A74D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/24e8b2c8dde80786640a2d9b9270037d.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
764a79d7e8c4a84d8286fd262e201b8dc9ce28ef0f7650efefbcd5c1f6f61efc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 23:39:10 GMT
x-content-type-options
nosniff
age
343071
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30583
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 23:39:10 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/ Frame A74D 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:01 GMT
r
eb2.3lift.com/ Frame B020 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=adasia_allpublishers_desktop_300x250&aid=6311519678150453820750&rev=2369ca4&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92349&brid=555344&adid=106543317&crid=105864945&ts=1670972221&bcud=14&ss=5&caid=0&unid=0&domain=f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.daradaily.com%252F&rr=creative&fid=10&rb=0&g=0&cb=56799
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame B1F8 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame B020 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 20:06:09 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
528653
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
hcjStc-EaoLuTpCemrHQCK5741QB4lEvnzpyVUhApQgZ508hc07b_w==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame B020 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 06:40:46 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
504274
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
LX9yLNz75LkpOB35c-BuD9Af2fsXB2A_0kLMnvUz9Oc6cfJHLVGGPg==
ctar
eb2.3lift.com/ Frame B020 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_desktop_300x250&aid=6311519678150453820750&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=10484
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
widget.js
widgets.outbrain.com/n2d/widget/ Frame 5888 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1f8eaef01da0375cbbddb3bce4ac839e33ce0f2777d3ff7780bacc3305fc275a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 11:22:13 GMT
server
AkamaiNetStorage
etag
"67842695b26b8ebec18a137ad8487de8:1670498985.864294"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
9421
expires
Wed, 14 Dec 2022 02:57:01 GMT
aop
eb2.3lift.com/ Frame B020 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_desktop_300x250&aid=6311519678150453820750&rev=2369ca4&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92349&brid=555344&adid=106543317&crid=105864945&ts=1670972221&bcud=14&ss=5&caid=0&unid=0&domain=f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.daradaily.com%252F&rr=creative&fid=10&rb=0&g=0&cb=91920
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
dpixel
cms.quantserve.com/ Frame 42FF 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO6tXuIj-7UqJJKKgkZVjAg&google_cver=1&google_push=ASkJ3FYMtDDW4hnHj4RNPMjjFxWvdgt8I1W3vU0ty5YdErYxj2rGLtXK111T3DBma_3zf5GqBJauAtP4rwfCj19rNf66_YNQGTkudg
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42FF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL4QLB6qxvely8x2AGJMNyM&google_cver=1&google_push=ASkJ3FYd-BH4q0h9ze50e68QSJM5SHQ9V9ezrsbjUxhSmAKtSYinZON7IUWpIBvrRAP3kUlmCNAMXyG12vHe1HdD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYd-BH4q0h9ze50e68QSJM5SHQ9V9ezrsbjUxhSmAKtSYinZON7IUWpIBvrRAP3kUlmCNAMXyG12vHe1HdDbG6E7D_1F83pmQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYd-BH4q0h9ze50e68QSJM5SHQ9V9ezrsbjUxhSmAKtSYinZON7IUWpIBvrRAP3kUlmCNAMXyG12vHe1HdDbG6E7D_1F83pmQ
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 13 Dec 2022 22:57:02 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYd-BH4q0h9ze50e68QSJM5SHQ9V9ezrsbjUxhSmAKtSYinZON7IUWpIBvrRAP3kUlmCNAMXyG12vHe1HdDbG6E7D_1F83pmQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 22:57:01 GMT
google
match.adsrvr.org/track/cmf/ Frame 42FF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJ3r9LaVIkXvotdZwz_5cFI&google_cver=1&google_push=ASkJ3FbXEMSDY1yj6AcmCtsIzZ0YF17VItVToIlAjeHBtm22SN4TrdXvH8fmVfq6gDFb-IlV8zNwftJx6a-mzjF3746fedJPDBh_
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 42FF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFBB55Qm-flbBHmbL3RtGBw&google_cver=1&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Iv...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFBB55Qm-flbBHmbL3RtGBw&google_cver=1&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Ivm4o0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Ivm4o0
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FY9SHEMDMVzyAqR9CqERdXiqVr4wk7cB0lrKXOJChcHLX6D302M1tlnlf2zpPH0QcA69ZoBtB5-jtv5NEwbezPs8Ivm4o0
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 42FF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBmIO3Temmvz9z3XizWdn-I&google_cver=1&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ftWq...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBmIO3Temmvz9z3XizWdn-I&google_cver=1&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1Njk0OTQxNTE1OTM4NzgzNg&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ft...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1Njk0OTQxNTE1OTM4NzgzNg&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ftWqb5dibyhbxis4cTibKR-oNA
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ1Njk0OTQxNTE1OTM4NzgzNg&google_push=ASkJ3FZt0S31WKtAKu0nqVNyBB8bRrQpihKRC3m2y37L5VDmZLig2ufjwX-4WtFoA0NVBju6CSo0ftWqb5dibyhbxis4cTibKR-oNA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 42FF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-a43846d4-5c8e-4828-992a-8831793a4603-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYGmPDimxNxTLwenLuey...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug&google_hm=A6Q4RtRcjkgomSqIMXk6RgM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug&google_hm=A6Q4RtRcjkgomSqIMXk6RgM
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYGmPDimxNxTLwenLueyxdJdebe21DLX9rHh755KXSNy324SUad4adchF2WaVO1RIk7N8dixoNljMcyikNdij4VIMUhG5w2ug&google_hm=A6Q4RtRcjkgomSqIMXk6RgM
date
Tue, 13 Dec 2022 22:57:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa43846d45c8e4828992a8831793a4603003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 42FF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEE4SMRhCf2eMuZr8TGpH3Y8&google_cver=1&google_push=ASkJ3FaAMtB4kgrKN...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEE4SMRhCf2eMuZr8TGpH3Y8%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ2ODM5NTkwNDEyMzYxMDc4Nw%3D%3D&google_gid=CAESEE4SMRhCf2eMuZr8TGpH3Y8&google_cver=1&google_push=ASkJ3FaAMtB4kgrKNyF9iQBZwmIeJPWnRV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ2ODM5NTkwNDEyMzYxMDc4Nw%3D%3D&google_gid=CAESEE4SMRhCf2eMuZr8TGpH3Y8&google_cver=1&google_push=ASkJ3FaAMtB4kgrKNyF9iQBZwmIeJPWnRVPAfafzF1wlu_ArY--WybJ7L7zqO1XG10-QADEcH3DCOB0R8crD5FbZIKfayL3Fj_I_b8I
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:02 GMT
AN-X-Request-Uuid
c90a2b76-236b-49e0-b8a3-19241acd7b1d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzQ2ODM5NTkwNDEyMzYxMDc4Nw%3D%3D&google_gid=CAESEE4SMRhCf2eMuZr8TGpH3Y8&google_cver=1&google_push=ASkJ3FaAMtB4kgrKNyF9iQBZwmIeJPWnRVPAfafzF1wlu_ArY--WybJ7L7zqO1XG10-QADEcH3DCOB0R8crD5FbZIKfayL3Fj_I_b8I
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 42FF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9uoerGaR5ywUo6APNuVFYtkY3xn1evPEk-A5yIugJc6Csvy-54LIW76veK1dgK62XpI8r8A
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
daradailycom.js
data.th.giraff.io/track/ 		79 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/track/daradailycom.js?r=&u=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&rand=0.9225396271423694&v=202210121845&vis=1&callback=cbGeo383440543&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-daradailycom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.58.178.190 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
0b968126b0f107076ea1d572171b2d0b3e8bf65601128a827e4e84b90bfeeacc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
css
fonts.googleapis.com/ Frame BA42 		6 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 22:23:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Dec 2022 22:57:01 GMT
14986c7a3fcbf331142efc1cfe3dea91.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/ Frame BA42 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/14986c7a3fcbf331142efc1cfe3dea91.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f806647f88d37d884d78bdfa4bd50754cb4d3dcd8fc52c2a82ffc11e6350cfb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 23:53:03 GMT
x-content-type-options
nosniff
age
342238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31561
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 23:53:03 GMT
28f5d8da66c1978538f89b2583693dfa.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/ Frame BA42 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/28f5d8da66c1978538f89b2583693dfa.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab16292a66e362f856092e0fb1fe26eeec7c620fbbfa383c7ebf7d77be81d8f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 05:23:49 GMT
x-content-type-options
nosniff
age
408792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41214
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 05:23:49 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame BA42 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/undefinedz9njpo
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E35
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
expires
Tue, 13 Dec 2022 22:57:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F165
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:02 GMT
expires
Tue, 13 Dec 2022 22:57:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame F871 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaWC0XqXFKkUe89XQoCv50Bb1feLO73KLLD7djwVjNwR5qNCLEN82Rhc4PKmhPHSMS7BVZ-hr88vroY8fiuHvpQCKVEw
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F871 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:01 GMT
l
www.google.com/ads/measurement/ Frame 47F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLGNXkokPD6iZc-F4eoBguoJHOKtIFwFG3wYXlRr4tFfvCrgRzFD-mxVpLQGrOw7PAgY8S3_SsCFZFvzQRcFrWNv2xXw
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 47F9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:02 GMT
truncated
/ Frame F871 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf217ad6a4cc6f2a21bbf8cc3053cfb249bf52c5b1bf34894eb1e97d3ec5ddcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 47F9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
154106811ee46a0e3ab9f32cbdbaf57e3f0eb118bc5cb92d0b391d7e7577c96f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame C036
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=daradaily.com&sn=ChromeSyncframe&so=0&topUrl=www.daradaily.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=D3cBp3x2M1FxaXNUNHppTHI4STJla0NlVWd4SUJxclJZaWNuSjVmczV5dDliVWViK3pMUG1pTlAzekY2dUkveFBNaE91RjdrMkp5MEpKbUMwenVjSzhFalVFN3QzMHk5WUlZNnVoRlBtRzhhZGt6KzVTR2hDNTRkSmVTM0...
430 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=D3cBp3x2M1FxaXNUNHppTHI4STJla0NlVWd4SUJxclJZaWNuSjVmczV5dDliVWViK3pMUG1pTlAzekY2dUkveFBNaE91RjdrMkp5MEpKbUMwenVjSzhFalVFN3QzMHk5WUlZNnVoRlBtRzhhZGt6KzVTR2hDNTRkSmVTM0FtQlI3Q0s2eitJeER3dXZ0V3BMdlpSYXE0N3Y4SWM4OWtJemhPRVBLNEhZeEtFWU1nL3p1c05DT3pBOVNsRFVvWmNkRGN5d1UzOEIvWjFIV0dUbC9RNW13cVpYK2JiQnNTWE1BOG9rakJ0S1RmcXhBK3BlbUdWQWIraDdHQ1E0NHh5SDcxRkdXQkk2eTRvZ2gwWWFUMzAweG85Rk5Odz09fA&cppv=2
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
29e2e7b7514ce1a39bd51cbac9fb3268a1a0227018e46498ac371148eafbf49b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3285537
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=D3cBp3x2M1FxaXNUNHppTHI4STJla0NlVWd4SUJxclJZaWNuSjVmczV5dDliVWViK3pMUG1pTlAzekY2dUkveFBNaE91RjdrMkp5MEpKbUMwenVjSzhFalVFN3QzMHk5WUlZNnVoRlBtRzhhZGt6KzVTR2hDNTRkSmVTM0FtQlI3Q0s2eitJeER3dXZ0V3BMdlpSYXE0N3Y4SWM4OWtJemhPRVBLNEhZeEtFWU1nL3p1c05DT3pBOVNsRFVvWmNkRGN5d1UzOEIvWjFIV0dUbC9RNW13cVpYK2JiQnNTWE1BOG9rakJ0S1RmcXhBK3BlbUdWQWIraDdHQ1E0NHh5SDcxRkdXQkk2eTRvZ2gwWWFUMzAweG85Rk5Odz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
501223
content-length
0
expires
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1A88 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz1tT1szz7c2pWe5VTlfQ_NhJhsmgHmf9VukZU65oW44dKe7KWFFobf-EosD0w48CAWxfnaGOP1ob3GbbF4TgxTnevbyXA0awUPEJ418LHyH4jS3r6F6imp3s6r3zyiWqRx2CTZGMHZgPUatrNGT-K2gR4456gH7YcROcH643dPkxo8ZA&cry=1&dbm_d=AKAmf-Dgp89SSsdaBoU4NhwiZnu5FZuwi2yNoTyoXKR_ird5auDaaIeA7qytaWHwTcF2PZpZe8RMlxK_cdduQmqFlYZQlzpqPK_VHg5LuACYOyhaegWt6t0bK4EXiMAJrrTOT_eJ1-2djaHvi0AnFjuTEvViDrk2UPcCb1o1cyhumC1HK_1SvYE_jOHaV-cwlFbZGSEXEklSJj-nU03G1JnYgYAf8LI20WjzqdGmh2PBcdyjuwVVtWJ990t3wq3yKDQwj3-Nk0pfKSIKS0qKAkChs3W5M5ji-LAAFvD4vb_EhDh42FmNoceDNvqz2E63ffKa5KpQ04viqSnYHIMx85JxGHCn76-Jmqaqg1K3offZkuFF34AoSyJnorV_OPaeKwPNdnY39iF4YfqZJz_wKUwHb_RfkjcyfnRqxG0AvOE9UYFk6bMi66Us1uSk6BCgdyUPQ6igv63qJ_iH4nuXWQszM9v8eEfZOzFuL7_md25n8GUeAM3AWoUQ1OK58hwSNAa6MzRGxwNqfRugajAN33htDm6t3RAYMDGYuYqmenlZmqaexhoc2T0-LU0l5x5JB2-UkGRWkPft9I2EW5MVB3ifa4PgyQ8nypqGwT8EDIFgLHMrdfdn8wSNbfsDw1eN5mlA3zG7KUyz3MuCwBAFSkk7WVctv09Tu3yO2ISh-zaRtnsoDG1DfgjSj48PGotbj3NlhiByJjYclh5ILhwrH_6g1O_wA5WKQ5bHakpL1onEpJjQcT82J4m1hWulDymR5traUkjQbQ8h99zAb3lHztAGN65H8HJw2uSdxc45Ng8gof_odebuTkYgrWoOGO-ov_Ww6dfJwdzTuP_rS-070hWBBCwdXhnjaE_xVowD0DPsnuvWqVjCNQouXaaOMxgHGoi209eXXE57ubiaPEdUSaqC2fGJ5ypwaPu42dnq6H6tDHiJ_QIvP-3xI2bcIPXWQh2l_7xds3B_j3Pb6j9kUvTd3JNXr7juiFfzxd8NSans34VHG7-MJAjjFJG9Kkk5WNAClc3A6qC0IbIlTOa6O_TmxHZ3A5uYG0OBpUhUfY_D63goZZJfspFSURzCwqEkB6wZBfYRnHakyrIaz71S9_JNSP1AHJaW6zazuYdGiAWLlEOjfj3dIWpRhZRof9mxoY5wtiCMpn4ZPzSbOapdbvb9lloUD6QherUU42raGf3KkC0xjvC5l4itSi3iT6aklcRNV2upEF2i11zELjKJUA0U1Usqn9tdVROu3nRQu79oyO1Aw6p3InBcB5xla1dlMQaHQjAuZt1LyMQiL8-RbGXtBvY9QvF4XITTmjRQ7JTrUblbtrKt83DpvLLKaw69L_Wi-UI-PmIW9aanWoevmy7Zs9YGjc9YT8hrkZePNYi6hNsGD9TBiNIB94T2_ByKQMvl_uPKXAtBqh129ihc9PQnZN7yBT8fIaBjwJpIri7b53IHoLW85KvYvY7SOAgyhHI-Mx1xIt0PHBNIUxVc6dnRRkXUm8h1ztgpr7pCAqqgEw1WIsG7DKwxyu_72gEwuvXoy9zcRPsslB-Nwd1TUwI8m7LUvPq2cqQi1NfazaEDaSnXz0aCbDOKzJ17VIbxf1ps_-R5UQp1hZzVU_LQtXWPQkfKJf36yi-hVcf9T_kNucFFstG4h8okHIN40_eF_VPdZwNmQggHvBLQtoayD5rT_A8SrinGIom9A1pOzvpCpsncQUqjw7wEyf6ZNiylxhBZ4vT-lfZQVKRCOwVRGLn6-IVzvoIbYHWRsPpq7saIAdRLlhvktPdhuteH0LXJSv2AgFo9jUgMw20BtKH4MKClgVqhdMERDHVkMREh20DE6dyqakkdmMN_05PtT3IGPalAwNHmCmmKyujTn4H3aCfgPTGJiaFB71URdcwY8x_7fwziACtLXZiJ14Z2cH_4XUkcFmOnGZ6X7GRmFXgpWtdkjyfGsYNGz6Q5CA1lTeYBuDWGDRo9H1chJes4QDxytbaDU-3O4ZH0QZdfH8-q7jdAvtJb0kmOTF8i2VnfLEJfp1TY_EmAnqLAAnd4jj0QZ-hpoeS2JZ2CAa8ewe0l6XQcEBlgbngTZEGpKvmRjX1CBhvbRN9dv9toWwzvv1pTyNaJ6y9HmN1Q61CI7G0VbsZHKVmezOjxyclRmeOdJ-D2CJT4MOdjo7PXrrS-1w7ALtj96e35KwnLw5xfTsrvdk3jJqsOo2qsO-aVak1EfHid14Qg8PZKe-pqUoIytmb5HeUpo-541w6zXYdKt9-tw72dWg4exvu6ATV7E-NvFCb85pb4I9fagldLpuDKaaATLB_YAa7CYaLn5v6N6NdI8_ltpVEV7H7sVPTbbEMcuHijsLLabh3XTJFIf1udLx1VSNQhI21x0cVacFhS5pOwFjHIOdnGRNqanYP4Sx1FVSF452-e7cda1WhUaQe0vidLxzFR1sK3ju58F3a50Yrig7KG1p9F9525_kcpxkqCyOVcut9pWSQkSssGTGWik95QHgrBkEoRMD47OnmDbX4xz7eW4rvETDI-bFiwxYiWXdrWnww220ryc-mPLDVFPGn4zV5-ZLGS2mXoj80PPCjGiBTMi3U27RnyMz8efix3B-h94jJ2qBB3GUHSb88hN0bbfPYyLC-JWNCkWMQenkZsy4DixubBTuMKcZbqSx_YeYl3lgcrWwktXyEK9mSaraWZ5qWJJQx_wlnN8E10wXKN0cUo0Iq6QCP9rTpPCj5UHRbe7K1n3rBJApsjr_chLSvyvTPWDIZAl_bw-6M8gmTcnKfNE2BL4QQrWvOVbWqdcrXVd2A0m1dFrLCpqa9AxW46GfbvJnKYCQ7xwna0N82h6akQV5j_L8wpl8WqtkT6RhzbsMPbC8cCIkPDflLSfIC_8IR0tzjT1photPVn9nC28DSG94sxoY-vpj8d8ZQ4vRxG6Z0YTH66StilXtO_BHUHLWP3APcfWNe4-8uopRABXuCA2SI0luPCi4bfGUDH343LcAp5wQXV3FvJX6avvIm6_mdyvbf4Wv8pKtHbJUsnYdkW6zNbhgE6B2sAwHS4l1g1E9jyorkEs0h9KkYOY8lhbNohqcPau52w-WfVfnlK07oy4uAxn8W646Y3-m_pXxM_lCdTOpBwFRHFKHILDpMXoUnNkyWmhIShl_IUh38MEc0bPd5BaKQMtPEo2WcXgfEd8TINWilMrxPdaI6c75zaOEk3mLBPmmDe&pr=6%3A0.013035&cid=CAQSGwDq26N9h8Y3V-GVtrQX1Ti7xI6PK2eGiEwjPBgBIAo&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1ODQ5NyZzaXRlSWQ9ODU1ODk2JmFkSWQ9Mzk2MzU1NiZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwODAwMjk4MzMyMDA4OTExNDE3JmFkU2VydmVySWQ9MjQzJmltcGlkPThBNzM4OTk5LTY4QjktNEUxQy1CQjY0LURFQ0FENkJFMDBGOCZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ds=l&xdt=0&iif=1&cor=6088413601046698000&adk=2278428452&idt=110&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
42993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 11:00:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 1A88 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz1tT1szz7c2pWe5VTlfQ_NhJhsmgHmf9VukZU65oW44dKe7KWFFobf-EosD0w48CAWxfnaGOP1ob3GbbF4TgxTnevbyXA0awUPEJ418LHyH4jS3r6F6imp3s6r3zyiWqRx2CTZGMHZgPUatrNGT-K2gR4456gH7YcROcH643dPkxo8ZA&cry=1&dbm_d=AKAmf-Dgp89SSsdaBoU4NhwiZnu5FZuwi2yNoTyoXKR_ird5auDaaIeA7qytaWHwTcF2PZpZe8RMlxK_cdduQmqFlYZQlzpqPK_VHg5LuACYOyhaegWt6t0bK4EXiMAJrrTOT_eJ1-2djaHvi0AnFjuTEvViDrk2UPcCb1o1cyhumC1HK_1SvYE_jOHaV-cwlFbZGSEXEklSJj-nU03G1JnYgYAf8LI20WjzqdGmh2PBcdyjuwVVtWJ990t3wq3yKDQwj3-Nk0pfKSIKS0qKAkChs3W5M5ji-LAAFvD4vb_EhDh42FmNoceDNvqz2E63ffKa5KpQ04viqSnYHIMx85JxGHCn76-Jmqaqg1K3offZkuFF34AoSyJnorV_OPaeKwPNdnY39iF4YfqZJz_wKUwHb_RfkjcyfnRqxG0AvOE9UYFk6bMi66Us1uSk6BCgdyUPQ6igv63qJ_iH4nuXWQszM9v8eEfZOzFuL7_md25n8GUeAM3AWoUQ1OK58hwSNAa6MzRGxwNqfRugajAN33htDm6t3RAYMDGYuYqmenlZmqaexhoc2T0-LU0l5x5JB2-UkGRWkPft9I2EW5MVB3ifa4PgyQ8nypqGwT8EDIFgLHMrdfdn8wSNbfsDw1eN5mlA3zG7KUyz3MuCwBAFSkk7WVctv09Tu3yO2ISh-zaRtnsoDG1DfgjSj48PGotbj3NlhiByJjYclh5ILhwrH_6g1O_wA5WKQ5bHakpL1onEpJjQcT82J4m1hWulDymR5traUkjQbQ8h99zAb3lHztAGN65H8HJw2uSdxc45Ng8gof_odebuTkYgrWoOGO-ov_Ww6dfJwdzTuP_rS-070hWBBCwdXhnjaE_xVowD0DPsnuvWqVjCNQouXaaOMxgHGoi209eXXE57ubiaPEdUSaqC2fGJ5ypwaPu42dnq6H6tDHiJ_QIvP-3xI2bcIPXWQh2l_7xds3B_j3Pb6j9kUvTd3JNXr7juiFfzxd8NSans34VHG7-MJAjjFJG9Kkk5WNAClc3A6qC0IbIlTOa6O_TmxHZ3A5uYG0OBpUhUfY_D63goZZJfspFSURzCwqEkB6wZBfYRnHakyrIaz71S9_JNSP1AHJaW6zazuYdGiAWLlEOjfj3dIWpRhZRof9mxoY5wtiCMpn4ZPzSbOapdbvb9lloUD6QherUU42raGf3KkC0xjvC5l4itSi3iT6aklcRNV2upEF2i11zELjKJUA0U1Usqn9tdVROu3nRQu79oyO1Aw6p3InBcB5xla1dlMQaHQjAuZt1LyMQiL8-RbGXtBvY9QvF4XITTmjRQ7JTrUblbtrKt83DpvLLKaw69L_Wi-UI-PmIW9aanWoevmy7Zs9YGjc9YT8hrkZePNYi6hNsGD9TBiNIB94T2_ByKQMvl_uPKXAtBqh129ihc9PQnZN7yBT8fIaBjwJpIri7b53IHoLW85KvYvY7SOAgyhHI-Mx1xIt0PHBNIUxVc6dnRRkXUm8h1ztgpr7pCAqqgEw1WIsG7DKwxyu_72gEwuvXoy9zcRPsslB-Nwd1TUwI8m7LUvPq2cqQi1NfazaEDaSnXz0aCbDOKzJ17VIbxf1ps_-R5UQp1hZzVU_LQtXWPQkfKJf36yi-hVcf9T_kNucFFstG4h8okHIN40_eF_VPdZwNmQggHvBLQtoayD5rT_A8SrinGIom9A1pOzvpCpsncQUqjw7wEyf6ZNiylxhBZ4vT-lfZQVKRCOwVRGLn6-IVzvoIbYHWRsPpq7saIAdRLlhvktPdhuteH0LXJSv2AgFo9jUgMw20BtKH4MKClgVqhdMERDHVkMREh20DE6dyqakkdmMN_05PtT3IGPalAwNHmCmmKyujTn4H3aCfgPTGJiaFB71URdcwY8x_7fwziACtLXZiJ14Z2cH_4XUkcFmOnGZ6X7GRmFXgpWtdkjyfGsYNGz6Q5CA1lTeYBuDWGDRo9H1chJes4QDxytbaDU-3O4ZH0QZdfH8-q7jdAvtJb0kmOTF8i2VnfLEJfp1TY_EmAnqLAAnd4jj0QZ-hpoeS2JZ2CAa8ewe0l6XQcEBlgbngTZEGpKvmRjX1CBhvbRN9dv9toWwzvv1pTyNaJ6y9HmN1Q61CI7G0VbsZHKVmezOjxyclRmeOdJ-D2CJT4MOdjo7PXrrS-1w7ALtj96e35KwnLw5xfTsrvdk3jJqsOo2qsO-aVak1EfHid14Qg8PZKe-pqUoIytmb5HeUpo-541w6zXYdKt9-tw72dWg4exvu6ATV7E-NvFCb85pb4I9fagldLpuDKaaATLB_YAa7CYaLn5v6N6NdI8_ltpVEV7H7sVPTbbEMcuHijsLLabh3XTJFIf1udLx1VSNQhI21x0cVacFhS5pOwFjHIOdnGRNqanYP4Sx1FVSF452-e7cda1WhUaQe0vidLxzFR1sK3ju58F3a50Yrig7KG1p9F9525_kcpxkqCyOVcut9pWSQkSssGTGWik95QHgrBkEoRMD47OnmDbX4xz7eW4rvETDI-bFiwxYiWXdrWnww220ryc-mPLDVFPGn4zV5-ZLGS2mXoj80PPCjGiBTMi3U27RnyMz8efix3B-h94jJ2qBB3GUHSb88hN0bbfPYyLC-JWNCkWMQenkZsy4DixubBTuMKcZbqSx_YeYl3lgcrWwktXyEK9mSaraWZ5qWJJQx_wlnN8E10wXKN0cUo0Iq6QCP9rTpPCj5UHRbe7K1n3rBJApsjr_chLSvyvTPWDIZAl_bw-6M8gmTcnKfNE2BL4QQrWvOVbWqdcrXVd2A0m1dFrLCpqa9AxW46GfbvJnKYCQ7xwna0N82h6akQV5j_L8wpl8WqtkT6RhzbsMPbC8cCIkPDflLSfIC_8IR0tzjT1photPVn9nC28DSG94sxoY-vpj8d8ZQ4vRxG6Z0YTH66StilXtO_BHUHLWP3APcfWNe4-8uopRABXuCA2SI0luPCi4bfGUDH343LcAp5wQXV3FvJX6avvIm6_mdyvbf4Wv8pKtHbJUsnYdkW6zNbhgE6B2sAwHS4l1g1E9jyorkEs0h9KkYOY8lhbNohqcPau52w-WfVfnlK07oy4uAxn8W646Y3-m_pXxM_lCdTOpBwFRHFKHILDpMXoUnNkyWmhIShl_IUh38MEc0bPd5BaKQMtPEo2WcXgfEd8TINWilMrxPdaI6c75zaOEk3mLBPmmDe&pr=6%3A0.013035&cid=CAQSGwDq26N9h8Y3V-GVtrQX1Ti7xI6PK2eGiEwjPBgBIAo&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1ODQ5NyZzaXRlSWQ9ODU1ODk2JmFkSWQ9Mzk2MzU1NiZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwODAwMjk4MzMyMDA4OTExNDE3JmFkU2VydmVySWQ9MjQzJmltcGlkPThBNzM4OTk5LTY4QjktNEUxQy1CQjY0LURFQ0FENkJFMDBGOCZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ds=l&xdt=0&iif=1&cor=6088413601046698000&adk=2278428452&idt=110&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 11:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 11:00:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTx72zEgWv7Vv7z3r0YFtPqrW_cZnFgHGyXqlQt3JPAGJWL3e8P6R7gFngb5X0Qx3TBihyhHWAOn9-_kgmq02iq6GECfgHUk6fXBC5up7xRCtUAYwgtHJxfTT57ZiDHBh3wzLZqnm-UUsWxbU-nICbM3tnjlXcb7h9X7EREBkO-x0AnckRBs4EB6QmVy3VWD1L66gXJfv6Uc7bARWNd_xeeQLxUrFvvC937YoNcn8X_tubrA4TdfmAMFXWVHyFYgE8GGGO3Lz9puHIipw6eh_7t0wzyRdlBiigw4JQvFSSHU6gPbx6d1bVlURVbkzHULICaau9Rk0ZH18odzZ9k2dyfgOasXU9Hpe5cBLnCVu05KkIx_NzB4rXUeYewO1D6Av0iSBxkKj6Qo92jyP7pUc6ka0W4AhuzjZLmkiykxSOpuD3hFc2W5C_jUUT0Gdpj_yLn5i8bQ6imvNkcVyCYN8NP6E6fgzluDCvxz5jpk9nhEZktmJpijru-IWpDQ1JHPbIJD9CXdCcOZrwa8V8d_cIqDjKiYeUOL_-JLNV1HwJizsLBtVY-wgoB6WKViAxSIRgOkA0FJnWzFjhuWDDYI76K2k1zwBpb7Q6N1mlRxw-L4S1utUWRWtXyvO70c2RULt8GNkHEeU8zftUkTtjmQ7SEjbDT8Naub62hrcxZE4wIK0iyAT79_hl_eSYGgrrZBl8-pxRRKLp3jAMm1Ozgw8KepIvKhL4vhFoAZPVMHGvkawgUA_EprfeNuYeqxaAZzzYk5MvMh5FTipOd0WvnGb7LU20Q9FrwmNfokOGCo3tXTwIxwV0_niu_qn4Mkx8FJydMuGymgZgwNYM45F5wxw9RYwWIAd_-fRNi9YmSfMpO3I9C8HGW2hfEeeZeQubtalRzYD8jXYXJhoGqU3Rqw6-RsZja3CtQAzioAvpsBKjxdNzDQv9wPZas2ERnxQ9Sa3amHI1hIhKRgKE0LXlPuDEWr9Lus2PvCKQ7M26iNdyfCiOgQwPVKtPX8LOW5rH-aEP3BirB5brscqZNCbji7a8zZnxPNUso_gAZZzRAAOorGQd10i4kkNB-MRYGwVecKo&sai=AMfl-YQW9ENheyjNKGBFACyxgOILT_Xb57JrzM9XmnDFNb-Vp8uCANqnjWzZ7GCcOaeGQDKrDP5kQ-xEi514DjsLwpjBsmpB46mGnvy6SbK0yWNkRdJjrySExh5AaGYb4ZTFHo0FlQYhIasFzG-m_Nx57IYUaFP_S_DrCUCTkIJcAKQXAe-u3c1ox7rUMA&sig=Cg0ArKJSzLUolwr2Hdm4EAE&uach_m=[UACH]&pr=6:0.013035&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.31343&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz1tT1szz7c2pWe5VTlfQ_NhJhsmgHmf9VukZU65oW44dKe7KWFFobf-EosD0w48CAWxfnaGOP1ob3GbbF4TgxTnevbyXA0awUPEJ418LHyH4jS3r6F6imp3s6r3zyiWqRx2CTZGMHZgPUatrNGT-K2gR4456gH7YcROcH643dPkxo8ZA&cry=1&dbm_d=AKAmf-Dgp89SSsdaBoU4NhwiZnu5FZuwi2yNoTyoXKR_ird5auDaaIeA7qytaWHwTcF2PZpZe8RMlxK_cdduQmqFlYZQlzpqPK_VHg5LuACYOyhaegWt6t0bK4EXiMAJrrTOT_eJ1-2djaHvi0AnFjuTEvViDrk2UPcCb1o1cyhumC1HK_1SvYE_jOHaV-cwlFbZGSEXEklSJj-nU03G1JnYgYAf8LI20WjzqdGmh2PBcdyjuwVVtWJ990t3wq3yKDQwj3-Nk0pfKSIKS0qKAkChs3W5M5ji-LAAFvD4vb_EhDh42FmNoceDNvqz2E63ffKa5KpQ04viqSnYHIMx85JxGHCn76-Jmqaqg1K3offZkuFF34AoSyJnorV_OPaeKwPNdnY39iF4YfqZJz_wKUwHb_RfkjcyfnRqxG0AvOE9UYFk6bMi66Us1uSk6BCgdyUPQ6igv63qJ_iH4nuXWQszM9v8eEfZOzFuL7_md25n8GUeAM3AWoUQ1OK58hwSNAa6MzRGxwNqfRugajAN33htDm6t3RAYMDGYuYqmenlZmqaexhoc2T0-LU0l5x5JB2-UkGRWkPft9I2EW5MVB3ifa4PgyQ8nypqGwT8EDIFgLHMrdfdn8wSNbfsDw1eN5mlA3zG7KUyz3MuCwBAFSkk7WVctv09Tu3yO2ISh-zaRtnsoDG1DfgjSj48PGotbj3NlhiByJjYclh5ILhwrH_6g1O_wA5WKQ5bHakpL1onEpJjQcT82J4m1hWulDymR5traUkjQbQ8h99zAb3lHztAGN65H8HJw2uSdxc45Ng8gof_odebuTkYgrWoOGO-ov_Ww6dfJwdzTuP_rS-070hWBBCwdXhnjaE_xVowD0DPsnuvWqVjCNQouXaaOMxgHGoi209eXXE57ubiaPEdUSaqC2fGJ5ypwaPu42dnq6H6tDHiJ_QIvP-3xI2bcIPXWQh2l_7xds3B_j3Pb6j9kUvTd3JNXr7juiFfzxd8NSans34VHG7-MJAjjFJG9Kkk5WNAClc3A6qC0IbIlTOa6O_TmxHZ3A5uYG0OBpUhUfY_D63goZZJfspFSURzCwqEkB6wZBfYRnHakyrIaz71S9_JNSP1AHJaW6zazuYdGiAWLlEOjfj3dIWpRhZRof9mxoY5wtiCMpn4ZPzSbOapdbvb9lloUD6QherUU42raGf3KkC0xjvC5l4itSi3iT6aklcRNV2upEF2i11zELjKJUA0U1Usqn9tdVROu3nRQu79oyO1Aw6p3InBcB5xla1dlMQaHQjAuZt1LyMQiL8-RbGXtBvY9QvF4XITTmjRQ7JTrUblbtrKt83DpvLLKaw69L_Wi-UI-PmIW9aanWoevmy7Zs9YGjc9YT8hrkZePNYi6hNsGD9TBiNIB94T2_ByKQMvl_uPKXAtBqh129ihc9PQnZN7yBT8fIaBjwJpIri7b53IHoLW85KvYvY7SOAgyhHI-Mx1xIt0PHBNIUxVc6dnRRkXUm8h1ztgpr7pCAqqgEw1WIsG7DKwxyu_72gEwuvXoy9zcRPsslB-Nwd1TUwI8m7LUvPq2cqQi1NfazaEDaSnXz0aCbDOKzJ17VIbxf1ps_-R5UQp1hZzVU_LQtXWPQkfKJf36yi-hVcf9T_kNucFFstG4h8okHIN40_eF_VPdZwNmQggHvBLQtoayD5rT_A8SrinGIom9A1pOzvpCpsncQUqjw7wEyf6ZNiylxhBZ4vT-lfZQVKRCOwVRGLn6-IVzvoIbYHWRsPpq7saIAdRLlhvktPdhuteH0LXJSv2AgFo9jUgMw20BtKH4MKClgVqhdMERDHVkMREh20DE6dyqakkdmMN_05PtT3IGPalAwNHmCmmKyujTn4H3aCfgPTGJiaFB71URdcwY8x_7fwziACtLXZiJ14Z2cH_4XUkcFmOnGZ6X7GRmFXgpWtdkjyfGsYNGz6Q5CA1lTeYBuDWGDRo9H1chJes4QDxytbaDU-3O4ZH0QZdfH8-q7jdAvtJb0kmOTF8i2VnfLEJfp1TY_EmAnqLAAnd4jj0QZ-hpoeS2JZ2CAa8ewe0l6XQcEBlgbngTZEGpKvmRjX1CBhvbRN9dv9toWwzvv1pTyNaJ6y9HmN1Q61CI7G0VbsZHKVmezOjxyclRmeOdJ-D2CJT4MOdjo7PXrrS-1w7ALtj96e35KwnLw5xfTsrvdk3jJqsOo2qsO-aVak1EfHid14Qg8PZKe-pqUoIytmb5HeUpo-541w6zXYdKt9-tw72dWg4exvu6ATV7E-NvFCb85pb4I9fagldLpuDKaaATLB_YAa7CYaLn5v6N6NdI8_ltpVEV7H7sVPTbbEMcuHijsLLabh3XTJFIf1udLx1VSNQhI21x0cVacFhS5pOwFjHIOdnGRNqanYP4Sx1FVSF452-e7cda1WhUaQe0vidLxzFR1sK3ju58F3a50Yrig7KG1p9F9525_kcpxkqCyOVcut9pWSQkSssGTGWik95QHgrBkEoRMD47OnmDbX4xz7eW4rvETDI-bFiwxYiWXdrWnww220ryc-mPLDVFPGn4zV5-ZLGS2mXoj80PPCjGiBTMi3U27RnyMz8efix3B-h94jJ2qBB3GUHSb88hN0bbfPYyLC-JWNCkWMQenkZsy4DixubBTuMKcZbqSx_YeYl3lgcrWwktXyEK9mSaraWZ5qWJJQx_wlnN8E10wXKN0cUo0Iq6QCP9rTpPCj5UHRbe7K1n3rBJApsjr_chLSvyvTPWDIZAl_bw-6M8gmTcnKfNE2BL4QQrWvOVbWqdcrXVd2A0m1dFrLCpqa9AxW46GfbvJnKYCQ7xwna0N82h6akQV5j_L8wpl8WqtkT6RhzbsMPbC8cCIkPDflLSfIC_8IR0tzjT1photPVn9nC28DSG94sxoY-vpj8d8ZQ4vRxG6Z0YTH66StilXtO_BHUHLWP3APcfWNe4-8uopRABXuCA2SI0luPCi4bfGUDH343LcAp5wQXV3FvJX6avvIm6_mdyvbf4Wv8pKtHbJUsnYdkW6zNbhgE6B2sAwHS4l1g1E9jyorkEs0h9KkYOY8lhbNohqcPau52w-WfVfnlK07oy4uAxn8W646Y3-m_pXxM_lCdTOpBwFRHFKHILDpMXoUnNkyWmhIShl_IUh38MEc0bPd5BaKQMtPEo2WcXgfEd8TINWilMrxPdaI6c75zaOEk3mLBPmmDe&pr=6%3A0.013035&cid=CAQSGwDq26N9h8Y3V-GVtrQX1Ti7xI6PK2eGiEwjPBgBIAo&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1ODQ5NyZzaXRlSWQ9ODU1ODk2JmFkSWQ9Mzk2MzU1NiZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwODAwMjk4MzMyMDA4OTExNDE3JmFkU2VydmVySWQ9MjQzJmltcGlkPThBNzM4OTk5LTY4QjktNEUxQy1CQjY0LURFQ0FENkJFMDBGOCZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ds=l&xdt=0&iif=1&cor=6088413601046698000&adk=2278428452&idt=110&cac=0&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 13 Dec 2022 22:57:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A88 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz1tT1szz7c2pWe5VTlfQ_NhJhsmgHmf9VukZU65oW44dKe7KWFFobf-EosD0w48CAWxfnaGOP1ob3GbbF4TgxTnevbyXA0awUPEJ418LHyH4jS3r6F6imp3s6r3zyiWqRx2CTZGMHZgPUatrNGT-K2gR4456gH7YcROcH643dPkxo8ZA&cry=1&dbm_d=AKAmf-Dgp89SSsdaBoU4NhwiZnu5FZuwi2yNoTyoXKR_ird5auDaaIeA7qytaWHwTcF2PZpZe8RMlxK_cdduQmqFlYZQlzpqPK_VHg5LuACYOyhaegWt6t0bK4EXiMAJrrTOT_eJ1-2djaHvi0AnFjuTEvViDrk2UPcCb1o1cyhumC1HK_1SvYE_jOHaV-cwlFbZGSEXEklSJj-nU03G1JnYgYAf8LI20WjzqdGmh2PBcdyjuwVVtWJ990t3wq3yKDQwj3-Nk0pfKSIKS0qKAkChs3W5M5ji-LAAFvD4vb_EhDh42FmNoceDNvqz2E63ffKa5KpQ04viqSnYHIMx85JxGHCn76-Jmqaqg1K3offZkuFF34AoSyJnorV_OPaeKwPNdnY39iF4YfqZJz_wKUwHb_RfkjcyfnRqxG0AvOE9UYFk6bMi66Us1uSk6BCgdyUPQ6igv63qJ_iH4nuXWQszM9v8eEfZOzFuL7_md25n8GUeAM3AWoUQ1OK58hwSNAa6MzRGxwNqfRugajAN33htDm6t3RAYMDGYuYqmenlZmqaexhoc2T0-LU0l5x5JB2-UkGRWkPft9I2EW5MVB3ifa4PgyQ8nypqGwT8EDIFgLHMrdfdn8wSNbfsDw1eN5mlA3zG7KUyz3MuCwBAFSkk7WVctv09Tu3yO2ISh-zaRtnsoDG1DfgjSj48PGotbj3NlhiByJjYclh5ILhwrH_6g1O_wA5WKQ5bHakpL1onEpJjQcT82J4m1hWulDymR5traUkjQbQ8h99zAb3lHztAGN65H8HJw2uSdxc45Ng8gof_odebuTkYgrWoOGO-ov_Ww6dfJwdzTuP_rS-070hWBBCwdXhnjaE_xVowD0DPsnuvWqVjCNQouXaaOMxgHGoi209eXXE57ubiaPEdUSaqC2fGJ5ypwaPu42dnq6H6tDHiJ_QIvP-3xI2bcIPXWQh2l_7xds3B_j3Pb6j9kUvTd3JNXr7juiFfzxd8NSans34VHG7-MJAjjFJG9Kkk5WNAClc3A6qC0IbIlTOa6O_TmxHZ3A5uYG0OBpUhUfY_D63goZZJfspFSURzCwqEkB6wZBfYRnHakyrIaz71S9_JNSP1AHJaW6zazuYdGiAWLlEOjfj3dIWpRhZRof9mxoY5wtiCMpn4ZPzSbOapdbvb9lloUD6QherUU42raGf3KkC0xjvC5l4itSi3iT6aklcRNV2upEF2i11zELjKJUA0U1Usqn9tdVROu3nRQu79oyO1Aw6p3InBcB5xla1dlMQaHQjAuZt1LyMQiL8-RbGXtBvY9QvF4XITTmjRQ7JTrUblbtrKt83DpvLLKaw69L_Wi-UI-PmIW9aanWoevmy7Zs9YGjc9YT8hrkZePNYi6hNsGD9TBiNIB94T2_ByKQMvl_uPKXAtBqh129ihc9PQnZN7yBT8fIaBjwJpIri7b53IHoLW85KvYvY7SOAgyhHI-Mx1xIt0PHBNIUxVc6dnRRkXUm8h1ztgpr7pCAqqgEw1WIsG7DKwxyu_72gEwuvXoy9zcRPsslB-Nwd1TUwI8m7LUvPq2cqQi1NfazaEDaSnXz0aCbDOKzJ17VIbxf1ps_-R5UQp1hZzVU_LQtXWPQkfKJf36yi-hVcf9T_kNucFFstG4h8okHIN40_eF_VPdZwNmQggHvBLQtoayD5rT_A8SrinGIom9A1pOzvpCpsncQUqjw7wEyf6ZNiylxhBZ4vT-lfZQVKRCOwVRGLn6-IVzvoIbYHWRsPpq7saIAdRLlhvktPdhuteH0LXJSv2AgFo9jUgMw20BtKH4MKClgVqhdMERDHVkMREh20DE6dyqakkdmMN_05PtT3IGPalAwNHmCmmKyujTn4H3aCfgPTGJiaFB71URdcwY8x_7fwziACtLXZiJ14Z2cH_4XUkcFmOnGZ6X7GRmFXgpWtdkjyfGsYNGz6Q5CA1lTeYBuDWGDRo9H1chJes4QDxytbaDU-3O4ZH0QZdfH8-q7jdAvtJb0kmOTF8i2VnfLEJfp1TY_EmAnqLAAnd4jj0QZ-hpoeS2JZ2CAa8ewe0l6XQcEBlgbngTZEGpKvmRjX1CBhvbRN9dv9toWwzvv1pTyNaJ6y9HmN1Q61CI7G0VbsZHKVmezOjxyclRmeOdJ-D2CJT4MOdjo7PXrrS-1w7ALtj96e35KwnLw5xfTsrvdk3jJqsOo2qsO-aVak1EfHid14Qg8PZKe-pqUoIytmb5HeUpo-541w6zXYdKt9-tw72dWg4exvu6ATV7E-NvFCb85pb4I9fagldLpuDKaaATLB_YAa7CYaLn5v6N6NdI8_ltpVEV7H7sVPTbbEMcuHijsLLabh3XTJFIf1udLx1VSNQhI21x0cVacFhS5pOwFjHIOdnGRNqanYP4Sx1FVSF452-e7cda1WhUaQe0vidLxzFR1sK3ju58F3a50Yrig7KG1p9F9525_kcpxkqCyOVcut9pWSQkSssGTGWik95QHgrBkEoRMD47OnmDbX4xz7eW4rvETDI-bFiwxYiWXdrWnww220ryc-mPLDVFPGn4zV5-ZLGS2mXoj80PPCjGiBTMi3U27RnyMz8efix3B-h94jJ2qBB3GUHSb88hN0bbfPYyLC-JWNCkWMQenkZsy4DixubBTuMKcZbqSx_YeYl3lgcrWwktXyEK9mSaraWZ5qWJJQx_wlnN8E10wXKN0cUo0Iq6QCP9rTpPCj5UHRbe7K1n3rBJApsjr_chLSvyvTPWDIZAl_bw-6M8gmTcnKfNE2BL4QQrWvOVbWqdcrXVd2A0m1dFrLCpqa9AxW46GfbvJnKYCQ7xwna0N82h6akQV5j_L8wpl8WqtkT6RhzbsMPbC8cCIkPDflLSfIC_8IR0tzjT1photPVn9nC28DSG94sxoY-vpj8d8ZQ4vRxG6Z0YTH66StilXtO_BHUHLWP3APcfWNe4-8uopRABXuCA2SI0luPCi4bfGUDH343LcAp5wQXV3FvJX6avvIm6_mdyvbf4Wv8pKtHbJUsnYdkW6zNbhgE6B2sAwHS4l1g1E9jyorkEs0h9KkYOY8lhbNohqcPau52w-WfVfnlK07oy4uAxn8W646Y3-m_pXxM_lCdTOpBwFRHFKHILDpMXoUnNkyWmhIShl_IUh38MEc0bPd5BaKQMtPEo2WcXgfEd8TINWilMrxPdaI6c75zaOEk3mLBPmmDe&pr=6%3A0.013035&cid=CAQSGwDq26N9h8Y3V-GVtrQX1Ti7xI6PK2eGiEwjPBgBIAo&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1ODQ5NyZzaXRlSWQ9ODU1ODk2JmFkSWQ9Mzk2MzU1NiZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwODAwMjk4MzMyMDA4OTExNDE3JmFkU2VydmVySWQ9MjQzJmltcGlkPThBNzM4OTk5LTY4QjktNEUxQy1CQjY0LURFQ0FENkJFMDBGOCZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ds=l&xdt=0&iif=1&cor=6088413601046698000&adk=2278428452&idt=110&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:48:30 GMT
166449542466260875
s0.2mdn.net/simgad/ Frame 1A88 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/166449542466260875
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f543567bbf91336ab3b655d2d29daf2fb7f09f01b830d0ac085e921c5d3039a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 13:12:53 GMT
x-content-type-options
nosniff
age
35049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14466
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 08:02:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 13:12:53 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 56B2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
443813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 15 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 56B2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options
nosniff
age
385317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:55:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 56B2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
88543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 22:21:19 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame A74D 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options
nosniff
age
353338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:48:04 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame A74D 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options
nosniff
age
104749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:51:13 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame A74D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options
nosniff
age
384694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:05:28 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 56B2 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBLnwUAAAAAN6hbtXgUkGBvmI83GienhaSC-rF&co=aHR0cHM6Ly93d3cuZGFyYWRhaWx5LmNvbTo0NDM.&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=rhtpbeeblxwt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 13 Dec 2022 22:57:02 GMT
bf806b00-1ce4-43e7-9078-c38865ec90da
https://www.daradaily.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.daradaily.com/bf806b00-1ce4-43e7-9078-c38865ec90da
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
ee0d4091-6bbd-46b2-a40f-942079235de4
https://www.daradaily.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.daradaily.com/ee0d4091-6bbd-46b2-a40f-942079235de4
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
pd
google-bidout-d.openx.net/w/1.0/ Frame D438 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 13 Dec 2022 22:57:02 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame BA42 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options
nosniff
age
353338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18688
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:48:04 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame BA42 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options
nosniff
age
104749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:51:13 GMT
Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame BA42 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options
nosniff
age
384694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20496
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 12:05:28 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame BA42 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 23:13:56 GMT
x-content-type-options
nosniff
age
85386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21440
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:13:56 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3169 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=129130
content-encoding
gzip
content-length
13946
content-type
text/html
date
Tue, 13 Dec 2022 22:57:02 GMT
expires
Thu, 15 Dec 2022 10:49:12 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 292B 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158497&siteId=855896&adId=3963556&imprId=8A738999-68B9-4E1C-BB64-DECAD6BE00F8&cksum=9BB3E805AB083753&adType=10&adServerId=243&kefact=0.010000&kaxefact=0.010000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1670972220&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.013035&dcId=3&tldId=0&passback=0&svr=BID22632U&adsver=_2691429213&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=PAOZY25cCgBEj5-rTiTrwtZ3FW__B50ZPv5jeG6vmmJDmv4f&ekaxefact=PAOZY3lcCgB5oFG3wIuWZ5ppiRqDZ0i2Ey_4sVyqBngdm4j_&ekpbmtpfact=PAOZY4FcCgDYk0ox1ZlOq0v176cJXsJ7G5Oz4hZVaAOMwxHK&enpp=PAOZY4lcCgASqiLVjV3tmFiYvR-CrgFsMR8_DP38vjOMmkhJ&pfi=1&domId=9538169445541843615&dc=AMS&crID=460715497&lpu=granulate.io&ucrid=10800298332008911417&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=1078762067&wDspId=80&wbId=0&wrId=0&wAdvID=1262337&wDspCampId=18708902368&isRTB=1&rtbId=A7297EFB-A6AB-45A1-AAAB-AC76028A2664&ver=1&dateHr=2022121322&oid=8A738999-68B9-4E1C-BB64-DECAD6BE00F8&cntryId=58&domain=daradaily.com&sec=1&pAuSt=2&wops=0&sURL=daradaily.com&BrID=5
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 13 Dec 2022 22:57:01 GMT
expires
0
pragma
no-cache
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A88 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:02 GMT
default.css
widgets.outbrain.com/n2d/widget/100028/customCss/ Frame 5888 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100028/customCss/default.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
server
AkamaiNetStorage
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
10
expires
Wed, 14 Dec 2022 02:57:02 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 5888 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 12 Jan 2023 22:57:02 GMT
/
b1t-eudc1.zemanta.com/t/imp/impression/ZHUVV7W32GYAUQRNKRSAO3DPSUIKVIET5H6AZIBGNK7IRVGN3CG2URYTZA35DKLUYNAFWTFBIBY5EWHEXCCNFVVJFUK4R6UIXO7NWR3NXJVSB5ISIBPWPTQ2553ILAFOZ7JICF7QZ7H43NARBAD65NEL44PRJG... Frame 5888 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/ZHUVV7W32GYAUQRNKRSAO3DPSUIKVIET5H6AZIBGNK7IRVGN3CG2URYTZA35DKLUYNAFWTFBIBY5EWHEXCCNFVVJFUK4R6UIXO7NWR3NXJVSB5ISIBPWPTQ2553ILAFOZ7JICF7QZ7H43NARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTFRMRQKAM7FNPN2BSVZJLWL7YSPFPBP6ZBXRXGPPJF3V35UGN6OTKNG7AZJRQXVW47EAN32UIV26PS2UCWI2B7HT7X5UURGMS64KQGMYCQMACWNNKDNNFMBZC6LBNTFWZBCG2S6JYUC44YHL6UBIBCT4UXR2MF5D2TLG2PIHDEQKN5YOHO2K3L7UGAOC6QO6JTQ/?
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 22:57:02 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 1A88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTx72zEgWv7Vv7z3r0YFtPqrW_cZnFgHGyXqlQt3JPAGJWL3e8P6R7gFngb5X0Qx3TBihyhHWAOn9-_kgmq02iq6GECfgHUk6fXBC5up7xRCtUAYwgtHJxfTT57ZiDHBh3wzLZqnm-UUsWxbU-nICbM3tnjlXcb7h9X7EREBkO-x0AnckRBs4EB6QmVy3VWD1L66gXJfv6Uc7bARWNd_xeeQLxUrFvvC937YoNcn8X_tubrA4TdfmAMFXWVHyFYgE8GGGO3Lz9puHIipw6eh_7t0wzyRdlBiigw4JQvFSSHU6gPbx6d1bVlURVbkzHULICaau9Rk0ZH18odzZ9k2dyfgOasXU9Hpe5cBLnCVu05KkIx_NzB4rXUeYewO1D6Av0iSBxkKj6Qo92jyP7pUc6ka0W4AhuzjZLmkiykxSOpuD3hFc2W5C_jUUT0Gdpj_yLn5i8bQ6imvNkcVyCYN8NP6E6fgzluDCvxz5jpk9nhEZktmJpijru-IWpDQ1JHPbIJD9CXdCcOZrwa8V8d_cIqDjKiYeUOL_-JLNV1HwJizsLBtVY-wgoB6WKViAxSIRgOkA0FJnWzFjhuWDDYI76K2k1zwBpb7Q6N1mlRxw-L4S1utUWRWtXyvO70c2RULt8GNkHEeU8zftUkTtjmQ7SEjbDT8Naub62hrcxZE4wIK0iyAT79_hl_eSYGgrrZBl8-pxRRKLp3jAMm1Ozgw8KepIvKhL4vhFoAZPVMHGvkawgUA_EprfeNuYeqxaAZzzYk5MvMh5FTipOd0WvnGb7LU20Q9FrwmNfokOGCo3tXTwIxwV0_niu_qn4Mkx8FJydMuGymgZgwNYM45F5wxw9RYwWIAd_-fRNi9YmSfMpO3I9C8HGW2hfEeeZeQubtalRzYD8jXYXJhoGqU3Rqw6-RsZja3CtQAzioAvpsBKjxdNzDQv9wPZas2ERnxQ9Sa3amHI1hIhKRgKE0LXlPuDEWr9Lus2PvCKQ7M26iNdyfCiOgQwPVKtPX8LOW5rH-aEP3BirB5brscqZNCbji7a8zZnxPNUso_gAZZzRAAOorGQd10i4kkNB-MRYGwVecKo&sai=AMfl-YQW9ENheyjNKGBFACyxgOILT_Xb57JrzM9XmnDFNb-Vp8uCANqnjWzZ7GCcOaeGQDKrDP5kQ-xEi514DjsLwpjBsmpB46mGnvy6SbK0yWNkRdJjrySExh5AaGYb4ZTFHo0FlQYhIasFzG-m_Nx57IYUaFP_S_DrCUCTkIJcAKQXAe-u3c1ox7rUMA&sig=Cg0ArKJSzLUolwr2Hdm4EAE&uach_m=[UACH]&pr=6:0.013035&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=258&vt=11&dtpt=257&dett=2&cstd=0&cisv=r20221207.31343&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz1tT1szz7c2pWe5VTlfQ_NhJhsmgHmf9VukZU65oW44dKe7KWFFobf-EosD0w48CAWxfnaGOP1ob3GbbF4TgxTnevbyXA0awUPEJ418LHyH4jS3r6F6imp3s6r3zyiWqRx2CTZGMHZgPUatrNGT-K2gR4456gH7YcROcH643dPkxo8ZA&cry=1&dbm_d=AKAmf-Dgp89SSsdaBoU4NhwiZnu5FZuwi2yNoTyoXKR_ird5auDaaIeA7qytaWHwTcF2PZpZe8RMlxK_cdduQmqFlYZQlzpqPK_VHg5LuACYOyhaegWt6t0bK4EXiMAJrrTOT_eJ1-2djaHvi0AnFjuTEvViDrk2UPcCb1o1cyhumC1HK_1SvYE_jOHaV-cwlFbZGSEXEklSJj-nU03G1JnYgYAf8LI20WjzqdGmh2PBcdyjuwVVtWJ990t3wq3yKDQwj3-Nk0pfKSIKS0qKAkChs3W5M5ji-LAAFvD4vb_EhDh42FmNoceDNvqz2E63ffKa5KpQ04viqSnYHIMx85JxGHCn76-Jmqaqg1K3offZkuFF34AoSyJnorV_OPaeKwPNdnY39iF4YfqZJz_wKUwHb_RfkjcyfnRqxG0AvOE9UYFk6bMi66Us1uSk6BCgdyUPQ6igv63qJ_iH4nuXWQszM9v8eEfZOzFuL7_md25n8GUeAM3AWoUQ1OK58hwSNAa6MzRGxwNqfRugajAN33htDm6t3RAYMDGYuYqmenlZmqaexhoc2T0-LU0l5x5JB2-UkGRWkPft9I2EW5MVB3ifa4PgyQ8nypqGwT8EDIFgLHMrdfdn8wSNbfsDw1eN5mlA3zG7KUyz3MuCwBAFSkk7WVctv09Tu3yO2ISh-zaRtnsoDG1DfgjSj48PGotbj3NlhiByJjYclh5ILhwrH_6g1O_wA5WKQ5bHakpL1onEpJjQcT82J4m1hWulDymR5traUkjQbQ8h99zAb3lHztAGN65H8HJw2uSdxc45Ng8gof_odebuTkYgrWoOGO-ov_Ww6dfJwdzTuP_rS-070hWBBCwdXhnjaE_xVowD0DPsnuvWqVjCNQouXaaOMxgHGoi209eXXE57ubiaPEdUSaqC2fGJ5ypwaPu42dnq6H6tDHiJ_QIvP-3xI2bcIPXWQh2l_7xds3B_j3Pb6j9kUvTd3JNXr7juiFfzxd8NSans34VHG7-MJAjjFJG9Kkk5WNAClc3A6qC0IbIlTOa6O_TmxHZ3A5uYG0OBpUhUfY_D63goZZJfspFSURzCwqEkB6wZBfYRnHakyrIaz71S9_JNSP1AHJaW6zazuYdGiAWLlEOjfj3dIWpRhZRof9mxoY5wtiCMpn4ZPzSbOapdbvb9lloUD6QherUU42raGf3KkC0xjvC5l4itSi3iT6aklcRNV2upEF2i11zELjKJUA0U1Usqn9tdVROu3nRQu79oyO1Aw6p3InBcB5xla1dlMQaHQjAuZt1LyMQiL8-RbGXtBvY9QvF4XITTmjRQ7JTrUblbtrKt83DpvLLKaw69L_Wi-UI-PmIW9aanWoevmy7Zs9YGjc9YT8hrkZePNYi6hNsGD9TBiNIB94T2_ByKQMvl_uPKXAtBqh129ihc9PQnZN7yBT8fIaBjwJpIri7b53IHoLW85KvYvY7SOAgyhHI-Mx1xIt0PHBNIUxVc6dnRRkXUm8h1ztgpr7pCAqqgEw1WIsG7DKwxyu_72gEwuvXoy9zcRPsslB-Nwd1TUwI8m7LUvPq2cqQi1NfazaEDaSnXz0aCbDOKzJ17VIbxf1ps_-R5UQp1hZzVU_LQtXWPQkfKJf36yi-hVcf9T_kNucFFstG4h8okHIN40_eF_VPdZwNmQggHvBLQtoayD5rT_A8SrinGIom9A1pOzvpCpsncQUqjw7wEyf6ZNiylxhBZ4vT-lfZQVKRCOwVRGLn6-IVzvoIbYHWRsPpq7saIAdRLlhvktPdhuteH0LXJSv2AgFo9jUgMw20BtKH4MKClgVqhdMERDHVkMREh20DE6dyqakkdmMN_05PtT3IGPalAwNHmCmmKyujTn4H3aCfgPTGJiaFB71URdcwY8x_7fwziACtLXZiJ14Z2cH_4XUkcFmOnGZ6X7GRmFXgpWtdkjyfGsYNGz6Q5CA1lTeYBuDWGDRo9H1chJes4QDxytbaDU-3O4ZH0QZdfH8-q7jdAvtJb0kmOTF8i2VnfLEJfp1TY_EmAnqLAAnd4jj0QZ-hpoeS2JZ2CAa8ewe0l6XQcEBlgbngTZEGpKvmRjX1CBhvbRN9dv9toWwzvv1pTyNaJ6y9HmN1Q61CI7G0VbsZHKVmezOjxyclRmeOdJ-D2CJT4MOdjo7PXrrS-1w7ALtj96e35KwnLw5xfTsrvdk3jJqsOo2qsO-aVak1EfHid14Qg8PZKe-pqUoIytmb5HeUpo-541w6zXYdKt9-tw72dWg4exvu6ATV7E-NvFCb85pb4I9fagldLpuDKaaATLB_YAa7CYaLn5v6N6NdI8_ltpVEV7H7sVPTbbEMcuHijsLLabh3XTJFIf1udLx1VSNQhI21x0cVacFhS5pOwFjHIOdnGRNqanYP4Sx1FVSF452-e7cda1WhUaQe0vidLxzFR1sK3ju58F3a50Yrig7KG1p9F9525_kcpxkqCyOVcut9pWSQkSssGTGWik95QHgrBkEoRMD47OnmDbX4xz7eW4rvETDI-bFiwxYiWXdrWnww220ryc-mPLDVFPGn4zV5-ZLGS2mXoj80PPCjGiBTMi3U27RnyMz8efix3B-h94jJ2qBB3GUHSb88hN0bbfPYyLC-JWNCkWMQenkZsy4DixubBTuMKcZbqSx_YeYl3lgcrWwktXyEK9mSaraWZ5qWJJQx_wlnN8E10wXKN0cUo0Iq6QCP9rTpPCj5UHRbe7K1n3rBJApsjr_chLSvyvTPWDIZAl_bw-6M8gmTcnKfNE2BL4QQrWvOVbWqdcrXVd2A0m1dFrLCpqa9AxW46GfbvJnKYCQ7xwna0N82h6akQV5j_L8wpl8WqtkT6RhzbsMPbC8cCIkPDflLSfIC_8IR0tzjT1photPVn9nC28DSG94sxoY-vpj8d8ZQ4vRxG6Z0YTH66StilXtO_BHUHLWP3APcfWNe4-8uopRABXuCA2SI0luPCi4bfGUDH343LcAp5wQXV3FvJX6avvIm6_mdyvbf4Wv8pKtHbJUsnYdkW6zNbhgE6B2sAwHS4l1g1E9jyorkEs0h9KkYOY8lhbNohqcPau52w-WfVfnlK07oy4uAxn8W646Y3-m_pXxM_lCdTOpBwFRHFKHILDpMXoUnNkyWmhIShl_IUh38MEc0bPd5BaKQMtPEo2WcXgfEd8TINWilMrxPdaI6c75zaOEk3mLBPmmDe&pr=6%3A0.013035&cid=CAQSGwDq26N9h8Y3V-GVtrQX1Ti7xI6PK2eGiEwjPBgBIAo&xfc=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1ODQ5NyZzaXRlSWQ9ODU1ODk2JmFkSWQ9Mzk2MzU1NiZrYWRzaXplaWQ9OSZ0bGRJZD0wJmNhbXBhaWduSWQ9MjI5ODcmY3JlYXRpdmVJZD0wJnVjcmlkPTEwODAwMjk4MzMyMDA4OTExNDE3JmFkU2VydmVySWQ9MjQzJmltcGlkPThBNzM4OTk5LTY4QjktNEUxQy1CQjY0LURFQ0FENkJFMDBGOCZwYXNzYmFjaz0w_url%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&ds=l&xdt=0&iif=1&cor=6088413601046698000&adk=2278428452&idt=110&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1A88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6ZApUvGXgambkpRVPXWq5IWV9WcK3mWxql559V3m5hbA-fPGFlUjOSme8Tl2PElHjOMENkSBF02HiY4jK3El0kxQAz20HhozsVJXBjU75jOGtwUPLBX15y8_sITfA_s2cFa8wFXLFRzQvpdBdK2KEM3pE3BySFZnE893qbQjhVvAkWwQN0e0vk_dWOnz0lZxz1sBcxJ7EvreG-5ybTsZnozbiQfsYKT8qfZDS1kqoN08Jqv1DEnWmamOBdgAhKYhWhOIPzVkg7d2JWMbevZ8IuYV-aQ13okzq8TCNbsGSe26lXGJIe6WtOiOtzOYUen6ZwqHgJKJKl_WDRsFVeNHcrcF7aULA0676t73cVUe5WuVD5pAwMWl2-WIRINRo&sai=AMfl-YSO-D4CS03M9WNQ0XsyyH5qCypJO9Td--4vGovjsO2CPfoVW39yN212wwlo9zNq_ffD6wojw0CN-R52QyVnL9BTzvLxU-5UY_4MdS4oa5TPgc6DakC4P8VvZ9jGW6Fh2w&sig=Cg0ArKJSzI0w940n7sJZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:02 GMT
/
graph.facebook.com/ 		231 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&callback=_grf_5048294160160813
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-daradailycom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3082d06c68dd5cb6f0f66793a21dee2f2cc7fb16a9fdc753d651c598e64b5dac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Tue, 13 Dec 2022 22:57:02 GMT
x-fb-rev
1006732677
alt-svc
h3=":443"; ma=86400
content-length
177
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
5yf9Wko36SQNma14ShIP+S08Lfza+48VfpMqrA99az3B8laWhzU/wcmSWHEBV7y7eSectCIoXaH7HyC0E9bBIQ==
x-fb-trace-id
DYMY4wQFX7f
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A1OQf9SvscwHdmfIW5KDq4Q
cache-control
no-store
facebook-api-version
v9.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/ 		21 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&url=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-daradailycom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software
kittenx / KPHP/7.4.112846
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
x-frontend
front632920
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.112846
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
dk
connect.ok.ru/ 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-daradailycom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-encoding
br
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
rendered-blocks
WidgetExtLike
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
5bb017c60af7fa197e1f1a0fab6b78d60f.png
zem.outbrainimg.com/p/srv/sha/53/01/ad/ Frame 5888 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/53/01/ad/5bb017c60af7fa197e1f1a0fab6b78d60f.png?w=298&h=120&fit=crop&crop=faces&fm=jpg
Requested by
Host: f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8c4d01071187071cb22b9a1db1f1fde935dd86366f4c82839b62f65c8742b1af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
620735
x-cache
HIT, MISS, HIT
x-imgix-id
38fe463c5fd22176867e67f4c61e0db2f5e34bcf
cross-origin-resource-policy
cross-origin
content-length
14429
x-served-by
cache-sjc10076-SJC, cache-hhn-etou8220086-HHN, cache-hhn-etou8220095-HHN
x-imgix-render-farm
01.1104
last-modified
Tue, 06 Dec 2022 18:31:28 GMT
server
imgix
x-timer
S1670972222.371866,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1
truncated
/ Frame 1A88 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d72c09d82241fb33228f80c54a7238a63c8c183fb91394e5d475ade8cd4d8c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 20B4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
36474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 12:49:08 GMT
expires
Wed, 13 Dec 2023 12:49:08 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3169 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73652859&p=158497&s=855896&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=15&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5f4490a313c12696c04ab9c077ef81cbdba6ff9f1f8f18ddacb7eb1a969b12e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 22:57:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame EFA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBYxGYJoK78wmGzrFslntyfEn0fCmTvTyi3NaifEOSkWG2mgMHDo8WYDHeGv800mLgK0SQu4yFSuQFhLokeqf6VkolgLqMQUla7TlLKjHWBNcrdSqjGotrufMOx6LgZgaOrPKk-Serz_oI3cO7yj5q81H244b3MdjZZfck7fvsFp7ymShCrLwjcc2CwwSrINbS_fZKBgfYR7hWwcZMBqCFJ43B_4NXZNSQGodDTy7WbvSuGsMLyZshy7RwSpuVp3DvsCkaVHuhP7FDcAeK1uQiZ7ZeQxjDbUuwKbzya1elir99MFkgpj3NC7oOAN-FOeLSl_R9BQ-thIkWp50cdKu9PUir4i6rmIKFnvA&sai=AMfl-YT6jcc8crNJaCLqGs4cp_EqJyoIAQG1Us9Yv0h6nYNB46uArI_tzMJL74NWT2rzQbOMN_dATtJVUBWMrYqjIdywbt7V8hcuPGUfCbC9fbn29lhrHJx4Vo_RZ7X-zRSi_Q&sig=Cg0ArKJSzNRFGYj5ZA5PEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
6135.js
cnt.trvdp.com/js/1273/ Frame EFA3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1273/6135.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-18.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95358158bf321c43e857d8253cf3d28b21f95a3a3e53e1a7a29eede592a5896e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 08:20:44 GMT
content-encoding
br
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
last-modified
Thu, 28 Apr 2022 11:03:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
9297379
etag
W/"9bf08d1421b93df6daf3db4b56b8a57e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
xXnjqkyGyb8D-bL6BHsgQxuqFZ6Z1aPIroL_cF5lA6QINj7q72zEFQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFA3 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:02 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame A74D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:06:09 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame BA42 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:06:09 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 20B4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:06:09 GMT
sync
eb2.3lift.com/ Frame FCD0 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=93013
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 13 Dec 2022 22:57:02 GMT
truncated
/ Frame EFA3 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec1e470afec131e4497c833d3b83a938ad482a91a0cbaeba386b40f8ff0b2eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EFA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso_LIpvsOGoY2Q9Nn86mylTgMhru9ZXVVSBPRTbiUAZ8XOZpCnydop08mu9PZzRhCbSvj-zZ6JLUEJnSmCE9xirUfTUb-hnZx3Hpj7qYhWvV_Sy9aqn8yDeCIYaNTEi2lWX9EAqk3iLkNUnSM4PZfmvE97YDQvaGm3QCuGFzHtAbVFGZcse_c2Ayl-Mnu5jlJuAlAcw2xv4hqlWDoo3646-7gc1mgqLsKOKSqMAzY0MJtKR0wnGFpkd5QZFpVQdVHvlT_20wKZf-aRQxAwI5eyzJ9Y3DcH6bw4xQmC5aVx9as3nNwfX0s4qvbfLbGo5v12ZUWrDFFVGPfsKpX70oJFgUoyZ8SJQwVM24X_0Q&sai=AMfl-YSPkjnJq_HtAN2L1_YfpAdtY_dor9z8X-WHlnA1xV76g13n1cGMSXutXss0nAuYbWYL0d4X_SC_69b85HdMAHfUgSC5i0T0kWVtxrWLTkDSJP6P3YmQn2N3Il6Ep7332w&sig=Cg0ArKJSzMKLnTKvjrcQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Dec 2022 22:57:02 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Dec 2022 22:57:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7D1F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47ed6399-033e-4100-81e9-615d042fc665&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47ed6399-033e-4100-81e9-615d042fc665&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 22:57:02 GMT
Expires
Tue, 13 Dec 2022 22:57:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47ed6399-033e-4100-81e9-615d042fc665&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 8D46
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5453900713068109195
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5453900713068109195
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5453900713068109195
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9269
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:02 GMT
expires
Tue, 13 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1783354
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 087A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Dec 2022 22:57:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FDHWVK77DE4ATYHK63BE

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Dec 2022 22:57:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K0PJJ16XME4ST1C9ZKBN
Pug
simage2.pubmatic.com/AdServer/ Frame 169B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7468395904123610787&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7468395904123610787&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
82cfb722-addd-4630-b10a-c788cd3aed98
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 22:57:02 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7468395904123610787&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 6826
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs
42 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 13 Dec 2022 22:57:02 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4534
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176771046033193114&gdpr=0&gdpr_consent=
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176771046033193114&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 13 Dec 2022 22:57:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7176771046033193114&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
image2.pubmatic.com/AdServer/ Frame 3169
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVEQ0VFRUQtN0ZDMy00Nzc3LThDQkUtMjRDREJEMTg2QTJB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3169
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPiN2Y2RHoZjLOYA2hW_Yk&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPiN2Y2RHoZjLOYA2hW_Yk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEPiN2Y2RHoZjLOYA2hW_Yk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3169 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 12 Dec 2022 22:57:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3169
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7456949415159387836
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7456949415159387836
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7456949415159387836
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3169 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3169
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322324173939541&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=241d8454-e18e-4c48-a96d-4c6c9e6e7f2f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=241d8454-e18e-4c48-a96d-4c6c9e6e7f2f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 22:57:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=241d8454-e18e-4c48-a96d-4c6c9e6e7f2f&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 13 Dec 2022 22:57:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3169 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 3169
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D4keAB5E2uU6MjEC4CZM3d5hDpKz6k8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D4keAB5E2uU6MjEC4CZM3d5hDpKz6k8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D4keAB5E2uU6MjEC4CZM3d5hDpKz6k8-~A&gdpr=0&gdpr_consent=
date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
list
a.th.giraff.io/rtb/match/ 		55 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/rtb/match/list
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-daradailycom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
68373eec97343cf05d245626b50d5afad969c2384fd23eb1a7be48cfb449a39b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:03 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.daradaily.com
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Dec 2022 22:57:02 GMT
f313d65d-d9a0-4f1f-9c02-662d46837a34
https://www.daradaily.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.daradaily.com/f313d65d-d9a0-4f1f-9c02-662d46837a34
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20B4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKK5aPQOZY6SNNtLpgAfeu5a4CwAAAAA4AeAEAg&bg=!JySlJGDNAAYgquz3AKo7ACkAdvg8Wr0uJ0jZpu_I5-cKGBiTFJBTaMMmQVZ1twjM7AblV7KulaoXmgIAAABwUgAAAAJoAQcKAFMVqDjOZLjVos53bnXsyNskiUy0sRAemv5zG9ub_FfjjIBIEfbyJ9RD7lsyMuEg1xaUS2MF5fMDcRUYTWueT7e5W20BVpaEQs1JmPnIUEYdEYMOo5kC-vx3jJDMyNov-H2ITQd-0zDt7r-1OaZKp9nktkR4sodmJPV-f9oRUyjVRY1IgTj0HmtadOpa7XsddiUQWAUpTAMIIc-41UNWSQ4tmWbXZ-tt5MNDaoOaZ7pbpgYrlyK82Jhqn4TSuzQU5GuC6WkEow6Nmyayv2Cdyux-fEdAyowHq1oxv-qoKxdX_RxNSlcMgZrm6ZbcqmX9FzxFlX_dVMamfGJrvaMOMVHAPGFdC8qnp2flg8drjzc8lbEHwaviljvs1-rm6gEbsxs2V31BhqGPOG32bE548rx8eBw5B6E5EsE56QjaeHos66akRdRNy6cXnhXQ3YEQVSxuLVjNePfsg8NGq6iAa3U6p7mYOOcqL6QxGYG4VmgAYlunVcen6wDIMnEGgnSgSYcwtYw_6GLCHx-a4pbD8Lsdd1YBSYFTdFb5wrTLXZAxxCz1KSf4J5mx8gY8r0F7tbTxCWoD36QbuJARWeHl6sw2zQ85sOA-GeZnrGV6wGj1DlyXWeLSxo-d2EKa_ykI8a25plLlqbbuJ2oSvqwutuwV_BmPEawduYt-SAaLp2Yo9GCNSEUqY71A3eBDHLmnnuXMtdosuLmEmsNwFhonrtFGcfoM_spjv08WU5btjnX8HukCZ8wgkaPfD9nRvzfHNjIc462LnZJy8BYNVsu67hPF35VABIFb7Fmjb3wtJOzEkDa_NnV_REvEQC7Xvof5Bnh_T0sZlC3CtdCPLTFSYjnWreiAU5S9scBfFdFftNYD027e1OrYLRX_UCn6xMlk1zvnRWVO4KF6UsR6-mJQaRW7hDLKJ80Nt-XfDbdbhjjvCDLMsnpWbV51XWsW-r6oza5bz2Tvij0EiXJOwkUPjbqHDfx3xGmtzrNXJB2voZm-azKzYdlKmwx1VGXiaWorTPBPgPtEtaNe3SvjlkBsc4Dabs4jnYgZnluw-5Wxnx-0P5ryj6QailkDOgC_ozPKcNUKBhIz6TYzk8Aesww-JcRBh95kHClTykLdnaV-5T9fbA
Requested by
Host: www.daradaily.com
URL: https://www.daradaily.com/news/121632/read
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4996d543b6bde61af8dc6d694fea80b60c73f0a8250f621a9d6d5514a0b0db97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11201
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D448 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.daradaily.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:02 GMT
server
Kestrel
server-processing-duration-in-ticks
818046
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame D448
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=daradaily.com&sn=ChromeSyncframe&so=3&topUrl=www.daradaily.com&bundle=YvbCFV9lQnNuRm5aelI4ZWdxQldVcEVkeWtjTUZVVlhjZzJtNnQ5a3FSNXdKY2h1ZDlR...
  • https://mug.criteo.com/sid?cpp=p6gexnxmck5iSUVWaGFZVnNULzh0QjdSZ2h1anh4OHA3ZFJZNVhsQmw0cTdtekZoZEpJSzRrNlF1dHpHdEdDMHVuNDJuRXRJZ0NYRmYyL3h3OXphdFNsNkt0VWpveUFHNlVUR3RUOENnODNacStnNlM3aktOeVZybDVMOX...
419 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=p6gexnxmck5iSUVWaGFZVnNULzh0QjdSZ2h1anh4OHA3ZFJZNVhsQmw0cTdtekZoZEpJSzRrNlF1dHpHdEdDMHVuNDJuRXRJZ0NYRmYyL3h3OXphdFNsNkt0VWpveUFHNlVUR3RUOENnODNacStnNlM3aktOeVZybDVMOXViWWFMYWVaTVRZN0hRM0kzWlUwdjAvYnkvUktKbGNwU2JPQXN1OTNuTVdMbGdMVzdsOXJ1UjNhMXdQa04yZjRrSStyTUJWNDJVa25tbkNTWnkvREhHcGU2MXFrc2lGc1ZlczN2NWRPZGo2L0RKR2tHZzRQVHJVWTYxUVYwSlB2VmRpcmdXOVFNU2hwa0NhTTNsZVM1MEJJYUxXb3hrQkNNUnArQ3VBMnc3a0xEeTNSak9aYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0ef8a4eb7a678dfb83174b5e351cb304d87edaf4545d673526452613666e5117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1810743
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=p6gexnxmck5iSUVWaGFZVnNULzh0QjdSZ2h1anh4OHA3ZFJZNVhsQmw0cTdtekZoZEpJSzRrNlF1dHpHdEdDMHVuNDJuRXRJZ0NYRmYyL3h3OXphdFNsNkt0VWpveUFHNlVUR3RUOENnODNacStnNlM3aktOeVZybDVMOXViWWFMYWVaTVRZN0hRM0kzWlUwdjAvYnkvUktKbGNwU2JPQXN1OTNuTVdMbGdMVzdsOXJ1UjNhMXdQa04yZjRrSStyTUJWNDJVa25tbkNTWnkvREhHcGU2MXFrc2lGc1ZlczN2NWRPZGo2L0RKR2tHZzRQVHJVWTYxUVYwSlB2VmRpcmdXOVFNU2hwa0NhTTNsZVM1MEJJYUxXb3hrQkNNUnArQ3VBMnc3a0xEeTNSak9aYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
790826
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 22:57:03 GMT
sync
code.yengo.com/
Redirect Chain
  • https://s.uuidksinc.net/match/480/?remote_uid=1260432387
  • https://code.yengo.com/sync?dsp=kadam&id=1UbopSiEImO6PUMb75fX
43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.yengo.com/sync?dsp=kadam&id=1UbopSiEImO6PUMb75fX
Protocol
H2
Server
172.241.51.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:03 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-mg-request-uuid
420a9a26-2577-4f32-b2df-45f4b34f4f34
content-length
43
content-type
image/gif

Redirect headers

location
https://code.yengo.com/sync?dsp=kadam&id=1UbopSiEImO6PUMb75fX
date
Tue, 13 Dec 2022 22:57:03 GMT
server
nginx/1.19.0
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 302C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:42:08 GMT
expires
Wed, 13 Dec 2023 22:42:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1629 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cbbd6e2a1f0e42d6518094317362ada25c56bb583fd3bc60f3d694f3246f725d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JEAWmFSuODYhg9M_lo-iVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-JEAWmFSuODYhg9M_lo-iVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 22:57:03 GMT
expires
Tue, 13 Dec 2022 22:57:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 302C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:06:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1629 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3286347942355567&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 47F9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEcyKMbWwI53CF5HRZt2D3bwMjlkt3BM05qV3q6fI6So_7Qwji1w2NgHyyGoOkCwMR1AtSs1EVyBA9fHtsCC2WGoOEf6Fs3Lq9UNnSuDKOoU1EnPHp_SQ2MRElcDmSVSRcBTE2LA&sai=AMfl-YRd8j5Fc6TuKGU1OQywQXC92xqfQhKKir0C6sC21JUgKp7aP45qD1XJL6edDEtsXPPBe7jZViJXE6wdMhPfN3vWIqmkGElVh47qsFbRCBPD4hgWVkEdvL0i1lEP_w&sig=Cg0ArKJSzDEZd45XE-qkEAE&cid=CAQSOwDq26N9WcPP-G4Pz5yn7bfXwek9J7_QQ_pfVEfcC2sypiK3UzluM9TWAqupqYF9qXaqFEvKZEjwpOi_GAEgEw&id=lidar2&mcvt=1005&p=849,1049,1449,1349&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.59&if=1&vu=1&app=0&itpl=2&adk=1281886047&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670972221279&rpt=953&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F871 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ0lFjCdKeB-vkPjrycjxmNNEwGZGe-KzcXsq04KGZagSEzVYhuhIioGZJ5BAyytPPMpIIaxS0nkj2-l211JAJx7Sf1pxHfiPWZwb0zC9AW0Jv1h7jOldWMB7vPZDIGgOvBiQ_fw&sai=AMfl-YQ3O0TNqyEwqfLqK0RbihYyggtprt1lp7dTCxeJ19RnPrLu3TTj2pXYsB8UQRmvZU9uQBQ5K-9N2nB-eZROLU1xwwNP5DR5TPswlxU7n_zoFpOdxlavG6VSZTOYHg&sig=Cg0ArKJSzBq4Wg2nU_CzEAE&cid=CAQSOwDq26N9WcPP-G4Pz5yn7bfXwek9J7_QQ_pfVEfcC2sypiK3UzluM9TWAqupqYF9qXaqFEvKZEjwpOi_GAEgEw&id=lidar2&mcvt=1007&p=213,315,463,1285&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2735541593&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670972221274&rpt=913&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 302C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8CIPEw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
6135.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/6135.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1273/6135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bf99f78991a8cdeb49ad1bd0b1de20fd0cdef4a2813eeb694f2ab6bc597dd45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:01:14 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Sun, 01 May 2022 12:06:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
13301750
etag
"370bba85eaa6167b4b5b47d50951bd70"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
KteVU-u53l5J-uGAagPaEMwykWYjf_MNhZe4mT8_oZY-3ssT-gAj3Q==
activeview
pagead2.googlesyndication.com/pcs/ Frame EFA3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXWiqyDQMUzmx2zA_nAyiKoR6Tel0CHFf4jzKTeO9pENccsLcMD34cGLCJrw3DGm3JhI3xAHtFK-deka_dofH1tTBvmV6d9u_Pk-fKYR1_8lXUxKmF&sig=Cg0ArKJSzA0KkRV55RX_EAE&id=lidar2&mcvt=1000&p=1197,1599,1198,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=920851890&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670972222339&rpt=120&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1273&wid=6135&cb=9222.467890843265&pid=4168&url=https%3A%2F%2Fwww.daradaily.com%2Fnews%2F121632%2Fread
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/6135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-53.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f05826b886d7e1ac928225bb8048e95e975d5d77db853230c141d7b37254d705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:03 GMT
content-encoding
gzip
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.daradaily.com
access-control-allow-credentials
true
x-amz-cf-id
JGwWxeB2mBAdLpr6uOwrapE-fUrUB8taJ4bdWYinBu8W7JtoBI-kjw==
float.js
s.trvdp.com/scripts/v5.785/ 		466 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.785/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/6135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d6d647b8fba4a5b7569d4184958475a67db00e56234542ee824cadf35b5b1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 13:11:12 GMT
content-encoding
br
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified
Sun, 06 Nov 2022 14:33:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
3145552
etag
W/"93dc232a404aee475e8fed58e67b6fcb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4r7HM6in0HbT1y68TWbgVbKTUd53UvYFRM1SC2zfSNoTqlGR4jDfZQ==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3286347942355567&bg=!eHulez_NAAYgquz3AKo7ACkAdvg8WrJP3sn0RjutjXCDFiL6u0VWF7ML1F-pnDvUcurEeAZjBfX49QIAAABdUgAAAANoAQeZAtsKtjGLXfJFvvEyM5pr6CqOe8_SARjUqzaJ6ntk5KvxqHgDxFxCZafqtCWiixjJK0WL0tz-Eg4KebYlh5UvcWgpadoCbxl8Ya_e4bBWL7T8dLDG9MGZovlB2nwoKt2PrRnSG7baMa1SSlq1qolVLBhqgDKRhZthJikr6OgMfZOp0deokTKgUFImWXF16AklwT6wxaUZefo_d-2VcjMnWKjIJNfSDyEFiUjDu1nGFK7Oo_bqpZfZufx0d21nWeIZ6PdBD7o0uAFhvWQAJ2WAa-BwDIBjNnS_-rcrXdHmWGbmENKcXiSesFo9m-eDVRsf9C30pYwnc3X7yTN2s-3pIiWgQ6NNx26gSFa9IRURzXzv94WVrRIybfsDQCvfvEau-3uh-ZnKePnNs4fnwCMeRxxAR78TG9d7tfVVfqeKCGEVtbBiAo79ObnKTPpr9SKH5P6BkPXW50BoGRMSbmKbVUfzYrkjtoj1b4yc-fQtzSHh_mLkQTy5z8rW3eBqHcgghEGQWOFgpDV2vpN9za_eLgGoR1MUkgZYM4a_PRQDGNQ49od_Wln8Z7uOjAyFCK9hMnhSGdMxrulSCY9KoDMwPURzc85M6C0HAN4QxTq75SoUiQO7RBNjmbK_wgoZ6nVUuM5bM0xgpNT5zj-4n3mAJN-9AzrLJJfh1WVU9uHCa6DJT0fJj0NTMeJiMb4VvCP5SKeylHjlZIe67bgv2oM6-tI5rbkqYTqBKs3ws4_M5zv4tBu9pHiRGqxZnQRQNsHenY0ICzyzm5Jp5qhkO-ZljhbF26EtDzpg_8VOUbEEUddpu60y7dirSnaYEQTZFu8pptSQGDC_QY-m26fdFO_5RVYkoIr5rD4jkWm9BFna3jcDIsfSUOkrI91sGTp4mBuRwsMtqzEKiT8r6TZiLrji1zgN1Tnnqi7TqQeb2DLETFpOpqGW1QHj5BK89LO2m_nNQXtpAAgOsjK8Ztb9Gw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
cors
data.ad-score.com/score/ 		52 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.daradaily.com&l1=6135&l2=daradaily.com&l3=DE&l4=desktop&l5=5.785&cb=0.9755688626688286
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.785/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:04 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.daradaily.com
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1806075967797&version=m202209210101&ct=2&x=6&cor=6088413601046698000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3169 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.daradaily.com%2F&domain=www.daradaily.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=zBLjT3xkb2VEczJGMTlZS1BsUzV0b3BnV1cwQzgxbWE1d2JhQlNocUdPKy9uOVpWNU84cjFvNlZhSEREajZoVnJRaWpKbldRR0daMUFTVVZmVGRJajhZTmE0dlFsQ3RtVGJEREY2MUc3OU15TjRxQmVNV2pDVi9VUFVJRG...
418 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zBLjT3xkb2VEczJGMTlZS1BsUzV0b3BnV1cwQzgxbWE1d2JhQlNocUdPKy9uOVpWNU84cjFvNlZhSEREajZoVnJRaWpKbldRR0daMUFTVVZmVGRJajhZTmE0dlFsQ3RtVGJEREY2MUc3OU15TjRxQmVNV2pDVi9VUFVJRGs5Mm95clJ3eWtSRkRaRy9HMlZtSnRaWDJ2S3JrR212TU9QaU5wYXgrN2dPMGNCcFVPOFcwMDhITjd0OXFqOEFFN1BSd0VCR1hWaFpod0N6bFpOT3piOEtyNTVuVndPZDdIUnhPc1RaTG83ZzFnOFhFSE1QUDN6U29EYmlQWlA3T1FKOVliS25wUGVYNGROeUNGQ2NaYXZIY21rbFQ0M0Jya0VHTDE5Wkdubjdmc0U0T3Rtdz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9e19e89ff69e45cabae530a7ff35e757405d00b23f0f9dbed3e21d79249daef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.daradaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1692994
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=zBLjT3xkb2VEczJGMTlZS1BsUzV0b3BnV1cwQzgxbWE1d2JhQlNocUdPKy9uOVpWNU84cjFvNlZhSEREajZoVnJRaWpKbldRR0daMUFTVVZmVGRJajhZTmE0dlFsQ3RtVGJEREY2MUc3OU15TjRxQmVNV2pDVi9VUFVJRGs5Mm95clJ3eWtSRkRaRy9HMlZtSnRaWDJ2S3JrR212TU9QaU5wYXgrN2dPMGNCcFVPOFcwMDhITjd0OXFqOEFFN1BSd0VCR1hWaFpod0N6bFpOT3piOEtyNTVuVndPZDdIUnhPc1RaTG83ZzFnOFhFSE1QUDN6U29EYmlQWlA3T1FKOVliS25wUGVYNGROeUNGQ2NaYXZIY21rbFQ0M0Jya0VHTDE5Wkdubjdmc0U0T3Rtdz18&cppv=2
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
509879
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.daradaily.com%2F&domain=www.daradaily.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.daradaily.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.daradaily.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 13 Dec 2022 22:57:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
237166
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6929 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
535
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77924c018de69b25-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 22:57:06 GMT
expires
Wed, 14 Dec 2022 02:57:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3BEF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=44150
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 22:57:06 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 14 Dec 2022 11:12:56 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1643 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 13 Dec 2022 22:57:06 GMT
pd
u.openx.net/w/1.0/ Frame 0BCC 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 13 Dec 2022 22:57:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1880 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 22:57:06 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 22:57:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 24E7 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C182%2C141%2C222%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4906/prebid_2022_12_1_2_51_33.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17855442fe8f55e7db2260b58742478d8cffad82906398774db0ae03a5be4047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.daradaily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=146354
content-encoding
gzip
content-length
8268
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 22:57:06 GMT
expires
Thu, 15 Dec 2022 15:36:20 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
PugMaster
image6.pubmatic.com/AdServer/ Frame 3BEF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47406357&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c6a527065c58905bc461b37d5dda3cfb33d447291df858202a346a94a8e30036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 22:57:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtset
bh.contextweb.com/bh/ Frame EB7E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWWMwN0hNZ2NBQUNCZlZuYlVodw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYc07HMgcAACBfVnbUhw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5514918693440553219&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYc07HMgcAACBfVnbUhw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5514918693440553219%26gdpr%3D0%26gdpr_consen...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 831A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3kB7cwppSEdUjrvN3uHsT9ly2hQ
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3kB7cwppSEdUjrvN3uHsT9ly2hQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 22:57:07 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3kB7cwppSEdUjrvN3uHsT9ly2hQ
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8687
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5kDQgAAAQXWkwAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3032
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 13 Dec 2022 22:57:07 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
16006
x-served-by
cache-hhn-etou8220044-HHN
x-timer
S1670972227.030260,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 13 Dec 2022 22:57:07 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y5kDQgAAAQXWkwAF
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220044-HHN
x-timer
S1670972227.915596,VS0,VE92
Pug
simage2.pubmatic.com/AdServer/ Frame 109B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 22:57:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 13 Dec 2022 22:57:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame B5FD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77924c053b979268-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77924c023f189268-FRA
content-type
text/html
date
Tue, 13 Dec 2022 22:57:07 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1174
bridge
cm.adgrx.com/ Frame F2BA 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 13 Dec 2022 22:57:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
generic
match.adsrvr.org/track/cmf/ Frame 5C7A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3183513182
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3183513182
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 13 Dec 2022 22:57:06 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 13 Dec 2022 22:57:06 GMT
etag
RXa43846d45c8e4828992a8831793a4603003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3183513182
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 4DB6 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Dec 2022 22:57:06 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-a10e7fd3aa4d@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 2AD7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 13 Dec 2022 22:57:07 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/ Frame C653
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QnUjSjjVTngVjRRS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Tue, 13 Dec 2022 22:57:07 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.30.103

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QnUjSjjVTngVjRRS
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3BEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_tzu7X_DR3eMviTNvRhqKg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:06 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=44150
accept-ranges
bytes
content-length
5549
expires
Wed, 14 Dec 2022 11:12:56 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3BEF 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77924c02392a697b-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 3BEF 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.103
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 3BEF
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=4036108025
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:07 GMT
via
1.1 google
last-modified
Tue, 13 Dec 2022 22:57:07 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
date
Tue, 13 Dec 2022 22:57:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3BEF 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3BEF 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:06 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3BEF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3297976066382400534&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3297976066382400534&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 22:57:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3297976066382400534&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3BEF
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d11f4fba-a635-4513-849b-c8e8537b2c5a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d11f4fba-a635-4513-849b-c8e8537b2c5a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d11f4fba-a635-4513-849b-c8e8537b2c5a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 13 Dec 2022 22:57:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 3BEF
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7468395904123610787
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7468395904123610787
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 22:57:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:06 GMT
AN-X-Request-Uuid
dd391f70-5d73-4648-beaf-8877feaa280e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7468395904123610787
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8B7C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cef1f77dcd82a9882b9711181e12181b3dc8a49d9e6a8257fde4b987d6a75c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77924c02ac8f90ba-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 22:57:07 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p48ptm8x9p31LAfoGfXZHJBVXNWAxEF6yxo0a6qfVJ6uqBDTiC2K93APfBK4ylf5YX8gJ1GMfQph18ul4GOYpN9FO3G%2B7P2ZkIrdHM4y0hCaGpi8O6JObqWIMuCmC70PM6wiFnH7KJK5Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77924c02489e901f-FRA
content-length
0
date
Tue, 13 Dec 2022 22:57:06 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG8NkFQg%2FnJoScoIYuf0gysei6vdzPewNmalNJhvEKr8rG%2B73A8CrP%2FpUC%2FEAGf1rrOLqwOTv9g163N%2BqOW2rq41YR3cieJWUkt6JbgJwxoQUu8cpEYpTUHCSHK3uQs%2Fz2niNyU7cL97IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 1880 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:06 GMT
AN-X-Request-Uuid
fe89eecc-8ea4-45df-810b-94069c773274
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zBLjT3xkb2VEczJGMTlZS1BsUzV0b3BnV1cwQzgxbWE1d2JhQlNocUdPKy9uOVpWNU84cjFvNlZhSEREajZoVnJRaWpKbldRR0daMUFTVVZmVGRJajhZTmE0dlFsQ3RtVGJEREY2MUc3OU15TjRxQmVNV2pDVi9VUFVJRGs5Mm95clJ3eWtSRkRaRy9HMlZtSnRaWDJ2S3JrR212TU9QaU5wYXgrN2dPMGNCcFVPOFcwMDhITjd0OXFqOEFFN1BSd0VCR1hWaFpod0N6bFpOT3piOEtyNTVuVndPZDdIUnhPc1RaTG83ZzFnOFhFSE1QUDN6U29EYmlQWlA3T1FKOVliS25wUGVYNGROeUNGQ2NaYXZIY21rbFQ0M0Jya0VHTDE5Wkdubjdmc0U0T3Rtdz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 13 Dec 2022 22:57:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
215475
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 8B7C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 22:57:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8B7C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5kDQgPJ.Yj.1g1pxAQUnAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKCqZV-gbzXs1W0idtmFWNM&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKCqZV-gbzXs1W0idtmFWNM&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKCqZV-gbzXs1W0idtmFWNM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8B7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENInu2kYWyLq6F55QOOQ-lw&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENInu2kYWyLq6F55QOOQ-lw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdvlsPY2T855BurA9DaHTVP3XUe2lkzS%2BRMmEmLnTAi6pj%2BH%2FkquQGeNehB1yBiRSslrX34o7fivCUZnpGDbZWbjoiwRE%2BvV5xQDivg8EQoyUzi4GB4wUS5Y5vgFnpBR0ffxuTJpp%2BEV6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77924c056f1190ba-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 22:57:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENInu2kYWyLq6F55QOOQ-lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8B7C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0PP87N9E83VHY4D79QEX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B7C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7468395904123610787
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7468395904123610787
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
AN-X-Request-Uuid
6a352ef7-cf3c-4e59-8edd-480344d4e410
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7468395904123610787
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8B7C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5kDQgPJ-Yj-1g1pxAQUnAAAFCEAAAAB
date
Tue, 13 Dec 2022 22:57:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 8B7C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b1C1GJul1P5ecX5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b1C1GJul1P5ecX5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=b1C1GJul1P5ecX5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B7C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=47ed6399-033e-4100-81e9-615d042fc665
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=47ed6399-033e-4100-81e9-615d042fc665
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 13 Dec 2022 22:57:07 GMT
Server
MT3 213 8a239d6 master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=47ed6399-033e-4100-81e9-615d042fc665
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 22:57:06 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8B7C 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5kDQgPJ.Yj.1g1pxAQUnAAA%265153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.daradaily.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:57:07 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1584
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77924c059d7668e9-FRA
content-length
43
expires
Wed, 14 Dec 2022 22:57:07 GMT
async_usersync
ib.adnxs.com/ Frame 1880 		0
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 22:57:07 GMT
AN-X-Request-Uuid
90a07826-b598-48d2-9fe2-9d27912e5529
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYc07HMgcAACBfVnbUhw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5514918693440553219%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| oncontentvisibilityautostatechange function| $ function| jQuery object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS object| atspbjs function| ptag object| gptadslots object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _taboola function| fbAsyncInit object| _gaq function| fbq function| _fbq object| loaded_blocks_yengo object| atspbjsChunk object| _pbjsGlobals object| mnet object| Criteo object| ggeac object| google_tag_data object| google_js_reporting_queue object| __twttrll object| twttr object| __twttr function| abdro_init_function object| Handlebars object| adbro object| TRC object| _tblConsole undefined| msg object| LineIt object| FB object| _gat object| gaGlobal function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| recaptcha undefined| google_measure_js_timing object| google_reactive_ads_global_state object| __buffer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| adbro_readMore function| callptag object| _mgIntExchangeNews object| MarketGidInfC1380045 boolean| mg_loaded_841419_1380045 object| onClickExcludes function| mgReject1380045 function| mgLoadAds1380045_0e686 function| MarketGidCReject1380045 function| MarketGidLoadGoods1380045_0e686 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint841419 string| _mgCanonicalUri object| _mgPageView841419 string| _mgPvid boolean| i.js.loaded boolean| i-noref.js.loaded function| show_popup function| hide_popup function| setImmediate function| clearImmediate object| ID5 boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget object| pbjs object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 function| loadHtml5LightBox function| finishTabifier function| cleanHTML function| tabs function| cleanTag function| placeTag function| cleanCSS function| cleanCStyle function| cleanJson function| buildCodeBlocks function| getHtml object| scrolltotop object| hljs number| level number| LOOP_SIZE object| ownLine object| contOwnLine object| lineBefore object| newLevel function| _extends function| _typeof object| Modernizr object| respond function| yepnope object| lineAfter object| PerfectScrollbar object| Ps function| LazyLoad object| Stickyfill object| html5Lightbox object| closure_lm_282262 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo_identitytag_132 object| googDdmPs function| cbGeo383440543 object| MarketGidInfC1396708 boolean| mg_loaded_841419_1396708 undefined| _grf_5048294160160813 undefined| VK undefined| ODKL function| mgReject1396708 function| mgLoadAds1396708_0d490 function| MarketGidCReject1396708 function| MarketGidLoadGoods1396708_0d490 object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 boolean| MarketGidCSvsdsFlag object| GoogleGcLKhOms object| google_image_requests object| brWidgetInit object| truvid_protected

78 Cookies

Domain/Path Name / Value
www.daradaily.com/ Name: PHPSESSID
Value: 96fe6376804f14fe3bdc01b730540d64
.mgid.com/ Name: __cf_bm
Value: NRMwJA4cI0tB3_jaPtjU1YiUuaihMVjokljWpfRbXD0-1670972220-0-AcAWqceLgXV1XCleyWcRJO8oM4q/AGM6uH9JzXSaaG/CBoANFJEv8GFQHqAQnspA/clA8S9ASBlBJw3T42gxc7Q=
www.daradaily.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.daradaily.com/ Name: __utma
Value: 36404021.346850570.1670972221.1670972221.1670972221.1
.daradaily.com/ Name: __utmc
Value: 36404021
.daradaily.com/ Name: __utmz
Value: 36404021.1670972221.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.daradaily.com/ Name: __utmt
Value: 1
.daradaily.com/ Name: __utmb
Value: 36404021.1.10.1670972221
.daradaily.com/ Name: _fbp
Value: fb.1.1670972220858.591767350
.yengo.com/ Name: nid
Value: F2r5X2OZAz0YxWK7x+FgAg==
.doubleclick.net/ Name: IDE
Value: AHWqTUmyP_7SNKjaWN8qi72RpCwmJpNU0hiQSg6_121WwYTY7RtBRM10LDxHaU_SCzw
.daradaily.com/ Name: __gads
Value: ID=87f209afcb48f620:T=1670972220:S=ALNI_Ma8QBvJOr9WhB0EVDv7nX52xFO0Eg
.daradaily.com/ Name: __gpi
Value: UID=00000b91dbadf8e9:T=1670972220:RT=1670972220:S=ALNI_MZxV-MSkwZBqUsgBUeM_Y--6ZZxvA
.daradaily.com/ Name: lotame_domain_check
Value: daradaily.com
.openx.net/ Name: i
Value: 0278b4bd-2b84-4ea1-b7d5-04ffb49408d6|1670972221
.criteo.com/ Name: uid
Value: 11711da1-dc7b-49f3-848a-732fe68b8bfd
ads.smartstream.tv/ Name: DID
Value: 0eedbda833cf380435682f1dc9e0afed
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
www.daradaily.com/ Name: _grf_vis
Value: 1
.quantserve.com/ Name: mc
Value: 6399033d-ef8a9-da95f-87a63
.adnxs.com/ Name: uuid2
Value: 7468395904123610787
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mathtag.com/ Name: uuid
Value: 47ed6399-033e-4100-81e9-615d042fc665
.mathtag.com/ Name: mt_mop
Value: 4:1670972222
.adform.net/ Name: C
Value: 1
cm.adsafety.net/ Name: UID
Value: CM12022121322c38841e31e8fae80910
.adsafety.net/ Name: cm_uid
Value: CM12022121322c38841e31e8fae80910
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvazdnZnBKTVZWMFlYank1SGppTi9TemJtRWovYW5KTEhWYjhzR3AwakZKNnZKZ3NtR05veFpsTU5JMjZ0amlQbFFhRytyc2dCYmZySWFTTGN5S0FrQVMxcHN0OWtnajJQUldVT1p1Q1RNdi9XbExUM202bHZ3R3VOdytXc0ZkbHQvQ240WWt0SWljSUtLN01RM1FxWURsRlp0WjlaWVI4UDBSa1NGMTJkMUxrKzkxNDZldENqR1Z1aFpEVjFobEJKSEFWenA0alZJck9yVDhQM3JsZmF0UkVMRFBrQ1BMSmY4MTNOK0V6b0V2RXpsUWlVR0wzTUtYTDFEV2orZSs3UWpaZGtNMlZwemVmSXVCbytMSys0ZkhzRS9NVll6YlFOTEVtSXdHcU0rRUVXUDl0bVM3WWZzYTI5K3hvcHUwVlVRPT0%3D
.de17a.com/ Name: guid
Value: 1.5453900713068109195
.adform.net/ Name: uid
Value: 7456949415159387836
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a43846d4-5c8e-4828-992a-8831793a4603-003%22%7D
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstlid
Value: 9053167196966222052_79SWuG24knpwOU59ru5zrzdcerGaMnkS8yYHFlkxrz0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A
.th.giraff.io/ Name: gid
Value: 0TqyvmOZAz4/xRIzBVxhAg==
www.daradaily.com/ Name: _grf_uid
Value: 1260432387
www.daradaily.com/ Name: _grf_cm
Value: 1
.quantserve.com/ Name: d
Value: EJkBDgHmJ4EO-TA
www.daradaily.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1380045%22%3A%7B%22page%22%3A1%2C%22time%22%3A1670972221005%7D%2C%22C1396708%22%3A%7B%22page%22%3A1%7D%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7176771046033193114
.bidswitch.net/ Name: tuuid
Value: 241d8454-e18e-4c48-a96d-4c6c9e6e7f2f
.bidswitch.net/ Name: c
Value: 1670972222
.bidswitch.net/ Name: tuuid_lu
Value: 1670972222
.yahoo.com/ Name: A3
Value: d=AQABBD4DmWMCEO1dbLdeB8xNQ8v0zbfhoNEFEgEBAQFUmmOiYwAAAAAA_eMAAA&S=AQAAAhE8XIeu7MTbU8BmTwYujEg
.simpli.fi/ Name: suid
Value: 21A7CEDC73D24A77B751B5F61DE79C47
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~28ty
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5453900713068109195
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEPiN2Y2RHoZjLOYA2hW_Yk&KRTB&16514-CAESEEPiN2Y2RHoZjLOYA2hW_Yk&KRTB&23025-CAESEEPiN2Y2RHoZjLOYA2hW_Yk&KRTB&23386-CAESEEPiN2Y2RHoZjLOYA2hW_Yk
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs&KRTB&19420-pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs&KRTB&22979-pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs&KRTB&23403-pTIfE6MyFU6-ZEAS8jgLTvI4E0y-ORFLpTKrkzjs
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7468395904123610787&KRTB&23339-7468395904123610787
.pubmatic.com/ Name: PugT
Value: 1670972222
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7456949415159387836&KRTB&23263-7456949415159387836
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:47ed6399-033e-4100-81e9-615d042fc665&KRTB&16736-uid:47ed6399-033e-4100-81e9-615d042fc665&KRTB&23019-uid:47ed6399-033e-4100-81e9-615d042fc665&KRTB&23208-uid:47ed6399-033e-4100-81e9-615d042fc665
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7176771046033193114&KRTB&23278-7176771046033193114&KRTB&23369-7176771046033193114
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZm5gaW4EBOamlgB2VRIAEAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjE0N7Y0tjQ1MRTiM9TV9XfMDTCxLPCszEoCAAe1oAYlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjE0N7Y0tjQ1MRTiM9TV9XfMDTCxLPCszEoCAAe1oAYlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-241d8454-e18e-4c48-a96d-4c6c9e6e7f2f
.amazon-adsystem.com/ Name: ad-id
Value: A21M3OjZyUGKsRidONTGA1E
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.daradaily.com/ Name: cto_bundle
Value: _zespl9lQnNuRm5aelI4ZWdxQldVcEVkeWtUNyUyRmxhYnA2SktKaHA0MlNXYjZPN2Y2VTVpRUNiQ1RZb3l4SlNkbjc5bklDZE9nQm45ekQ3eXpPZ1hDR1ZpdWpPa2ZWcWdpOEhIcWlLUldPMEZscDFhQ2toaGE2RlQ5Q1lUTWxnSm1UTUlIMjVqd2NseGxDSiUyQmc1VHJQWENSUUd3JTNEJTNE
.uuidksinc.net/ Name: jcsuuid
Value: 1UbopSiEImO6PUMb75fX
data.ad-score.com/ Name: token
Value: FVOMzZMvFtQeB-f53b-UFQvOhWjirdch
.pubmatic.com/ Name: SPugT
Value: 1670972224
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158497:3
.pubmatic.com/ Name: DPSync3
Value: 1672099200%3A201_227_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1673481600%3A203%7C1672185600%3A35%7C1671753600%3A63%7C1671494400%3A2_15_223%7C1672099200%3A3_161_54_165_238_13_220_166_243_7_251_22_234_99_88_56_71_233_55_176_81_204_21_8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a43846d4-5c8e-4828-992a-8831793a4603-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.weborama.fr/ Name: AFFICHE_W
Value: M1oqcghUf1oz64
ads.playground.xyz/ Name: connect.sid
Value: s%3A5arhmKW9UxIcJhytvk2iHtK-SexrEk5G.9XiVHF%2BUldl%2FwxR4oeD31mmFIwN5VgyFuLtYY43%2B%2FSs
.zeotap.com/ Name: zc
Value: 06f6d9ee-82f0-48ab-4de4-fc7490728ead
.adsby.bidtheatre.com/ Name: __kuid
Value: d11f4fba-a635-4513-849b-c8e8537b2c5a.440186226
.casalemedia.com/ Name: CMID
Value: Y5kDQgPJ.Yj.1g1pxAQUnAAA
.casalemedia.com/ Name: CMPS
Value: 5153
.casalemedia.com/ Name: CMPRO
Value: 5153

10 Console Messages

Source Level URL
Text
network error URL: https://code.yengo.com/data/395062.js?async=1&div=34566317395062&t=0.5093597749926027
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14674112099215987585/index.html".
security error URL: https://f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16841678510429673680/index.html".
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/undefinedz9njpo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://widgets.outbrain.com/n2d/widget/100028/customCss/default.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FEDCEEED-7FC3-4777-8CBE-24CDBD186A2A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=de6c8cc57ea5c998/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QnUjSjjVTngVjRRS
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.th.giraff.io
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
adasia-d.openx.net
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
adservice.google.com
adservice.google.de
anymind360.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.mgid.com
c1.adform.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.prod.uidapi.com
cdn.taboola.com
cl.imghosts.com
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
cnt.trvdp.com
code.th.giraff.io
code.yengo.com
connect.facebook.net
connect.ok.ru
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
daradaily.com
data.ad-score.com
data.th.giraff.io
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
f75301741d05e9e536af621bafac0aac.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prg-apac.smartadserver.com
pubmatic-match.dotomi.com
s-img.mgid.com
s.amazon-adsystem.com
s.tribalfusion.com
s.trvdp.com
s.uuidksinc.net
s0.2mdn.net
scdn.line-apps.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
st.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tag.adbro.me
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
vk.com
widgets.outbrain.com
www.daradaily.com
www.facebook.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zem.outbrainimg.com
bh.contextweb.com
104.244.42.8
108.138.7.53
111.223.32.15
13.248.245.213
13.32.99.100
13.32.99.86
130.211.115.4
139.162.159.252
141.94.171.216
141.95.171.142
141.95.98.65
142.250.185.230
142.250.185.98
142.250.186.130
143.204.89.70
146.75.116.157
146.75.122.132
151.101.2.49
151.101.65.44
151.101.65.55
159.65.194.197
162.19.138.116
162.19.138.120
172.241.51.68
172.64.151.162
172.64.154.237
173.231.181.122
178.250.0.157
178.250.0.163
18.66.97.9
184.30.20.22
184.30.25.99
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.89
185.80.39.216
185.86.138.121
193.0.160.128
195.5.165.20
198.47.127.20
2.18.233.180
2.18.234.190
2001:678:cb4:bbbb::11
209.54.182.161
209.58.178.190
213.155.156.181
213.19.147.44
213.227.153.221
217.20.155.208
23.106.249.95
2600:9000:2250:7400:a:e047:752:5701
2606:4700:10::6816:31fd
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:1::6813:864e
2606:4700:1::6813:874e
2606:4700:4400::ac40:9040
2606:4700::6810:5514
2606:4700::6812:19ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a02:fa8:8806:20::2010
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:a6d:c1bf:1d00:7d4d
3.122.66.11
3.126.56.137
31.220.27.135
34.102.146.192
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.120.135.53
34.91.62.186
34.98.64.218
35.156.76.170
35.157.98.214
35.214.223.115
37.157.6.233
37.252.171.149
37.252.171.22
5.161.54.172
52.19.187.82
52.222.236.18
52.223.40.198
54.237.254.37
67.220.228.200
85.114.159.93
88.221.168.189
91.210.226.72
93.186.225.194
98.98.134.241
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
03102a9f5780910b929003ca8ba0c4f8a250761d99eb9e0ec72064baded71e69
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
079dbd1ba4823d12eb26d5506888ac6007392d48591cd87dc23666cf8e3a47f5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08b2b7884438b4be51b41a98986869f7c08f3b1ee158f691a579de5c8f297e8a
08d9450b6e4c73cbfaa497e1885e5771205b9b1f191d3a5adc719f3ee17f34d1
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05
09b82e051568820409dab2a9343b70c37c9c5aa19afa08460ac9d6ca6be06941
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a7f204307f7db5171cdc82798173202690580603926ce2fe26915c6f5926823
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b968126b0f107076ea1d572171b2d0b3e8bf65601128a827e4e84b90bfeeacc
0ef8a4eb7a678dfb83174b5e351cb304d87edaf4545d673526452613666e5117
0f163971e3779e19fa8456768b77173c7dd846cb152d723eeb14e59c5afa1455
1252087651702218dbe92c23cb3fd2e441aa5717a46fa2e2a822b1f35913cffd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
154106811ee46a0e3ab9f32cbdbaf57e3f0eb118bc5cb92d0b391d7e7577c96f
1618f9005ddfc8a2a16d37e0f92e0a2ffc5257299fa2c62f374accefdeec63bc
17855442fe8f55e7db2260b58742478d8cffad82906398774db0ae03a5be4047
17b92120afa5c1d4a3dc02c8b017330c783c91fb0bf484fdc825fe8a160ce441
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a675f90653c51699487add7e121937714560ea612b6ec5df0c9c61bb9705e4a
1aae23a1a146a8276a47a9aaa6b54f499f8f433d9acf7ae65920fd168de57e42
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bf984fa8148b2e414f2ae7d828c483accdd0426ad8cb1883280a2c801cedae5
1c518487dfeb57fd530f7c13967f68767e3d3c9e6df1cff195a8d80d6fc0e387
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1f2e660330caba3a0caa7d0f42b8a12e9f94e21959ef43dc3ac850590411baeb
1f8eaef01da0375cbbddb3bce4ac839e33ce0f2777d3ff7780bacc3305fc275a
21db36ca4c4cccb8381f90a62543e8ebd42f0f4dca5a4e800beb509b23f620ae
22d52a08cc12031b899519a9e5ae12f4d86d61f74508e61d5920f9a7c1305d25
23b60e2e69b7d13081bd7df73521767bea41670852fffdaf5903324c5ccfbfcb
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
29e2e7b7514ce1a39bd51cbac9fb3268a1a0227018e46498ac371148eafbf49b
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2daac6b1cce300ca3c5b7abd97709c8d1ad14dc9d8a4cc5b154f3df891da9bfc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3082d06c68dd5cb6f0f66793a21dee2f2cc7fb16a9fdc753d651c598e64b5dac
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325be08d0c3ffaba7ea9058845248de75051d01178ac8eb51040b3e01951eb65
341ac762fb9773e44ac488ed250112cd5ec617d536d97e1eb9556817aeb9fcaf
35b2183535267b95f234d1e6e91f8d693d488f85e1a9d7687e7d32ddb2ae5781
35d05550e6b74af381716ccae2c9d1a5e6eb8ae78eb80c43a4f1d55ecc4d2250
38a056b77b3686a232ae6116d90d7619f9f13575a2ab8826a3a4dbddfb4bc21c
38d6cec38e62c3b96f4ca485f42f89361887cb6ff3a2ef339486b5c140cda587
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a500a119fa5a1e2411f902f55918655210d3da348b9e8e4b444de9bc410fc5f
3b2ddc56326e2a561d931065ec791018c67e37013b90603c220718b8695a2f7c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d6d647b8fba4a5b7569d4184958475a67db00e56234542ee824cadf35b5b1c6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f20db2f9bfb26c3075f57928569656beba273cd682eb5a160d30a763e4b305e
3f806647f88d37d884d78bdfa4bd50754cb4d3dcd8fc52c2a82ffc11e6350cfb
40fe805736e0cc3d503da3e1d82bb13ea387179b3dc4f36a538aa5dc5d1d795e
4265b28fc74d10c10a6668da646d5a4d5083c708f0d28c73bb33544ad07b5ee2
45447af3a3d15af287b0d9947462be3791908b3cf7004370ab6f36e15529b239
456cf117c765c3c6a28677f45de39585ad979033a603662986270b83f8fdf5d3
457af336b7fa12a38ebb2ef0f1004dcc27643c52800c29c72ef4fc0f895ae4fa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b217c17ead1192b2aafbb7a590104db295551024cbc39e3ad289af864dcd55
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
48d2a24a1804fa11cbe51e0d02c98b1323792a9a1248bbaa690169798b7d6d3b
4996d543b6bde61af8dc6d694fea80b60c73f0a8250f621a9d6d5514a0b0db97
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b0a82e0d397475ec86ce7d404502968cf2f901ba03d62197e01864d814d1447
4b3958fc55391e6052cd95d6bfae59c13233deabd723aaed2b84e15eb25d142a
4b9b378be6087d18983ea344c7ef21d5f042d85c4608ad20e12d7082b5c972a5
4c56f7e72b18b752e236fae96a8b0303c963fa7978407bd736a5e68c0f1f73da
4e85e5c1de544f4eb690ae22b57576664b3b30624f4dc3dcbc3635c0f6b6c4b4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fc4f9406f21efa7d353ee3c259f6aaf9eb9a07244f1bcf9bd92225894a99a4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bed53d81953fcfde16da7b82982d45753b58b7b05016005351a11cac4ef7702
5d2d03a1dc79014bee40eaa3ae9e3e2de7f9f528bc6210a4f3b54ce64609a3c4
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
5e4f8329b54631b000d854fe51e77ddb147a8c3263366e9b0141d66b0b36944c
5eadb3853810c64a037b947f6355ca7f98036d56bfb46ee9f51a01f881259ed6
5f4490a313c12696c04ab9c077ef81cbdba6ff9f1f8f18ddacb7eb1a969b12e4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635d346ec4f2667bbe5dc17bec5c819b66ce9a02bea4dd9250b9727eadf26d1d
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
66c1c2f79ade3a1bb1b609c504553f26039c80d5197946a97779f5d05ba2ed6b
68373eec97343cf05d245626b50d5afad969c2384fd23eb1a7be48cfb449a39b
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6f21cdd6f46dcb76413b86df6742f48a9050aba6df2d0689d832c1f93301c3c3
6f7d6f75f3c75a7049b187ae155d0cbf20939c1472015ce346e90fca51a56eb6
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
764a79d7e8c4a84d8286fd262e201b8dc9ce28ef0f7650efefbcd5c1f6f61efc
77fa1b8402dbaeb5481fdfeabb715aaca7651d2ffdabb3d5409e650d92beea7a
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
78823d278070981bd8a4314564f586cae365352263454ac22d28d5cb0469b92b
79700986b8b002873b6b6c313cf99c6753af54a294de74b8095fce8a459ad8fe
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a11319ef62c67863d8359b282d7d134f2cd192f7e69670e45f8533687c18ecd
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
8113780bd512b317faf7c7f707e4da322adcd057bd6c71a523e4cc9faa4b5819
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8bf99f78991a8cdeb49ad1bd0b1de20fd0cdef4a2813eeb694f2ab6bc597dd45
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c4d01071187071cb22b9a1db1f1fde935dd86366f4c82839b62f65c8742b1af
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f543567bbf91336ab3b655d2d29daf2fb7f09f01b830d0ac085e921c5d3039a
9047ab649135eb522cbf5988742b96d79257149074b5c423059ca9ed874170c5
910d07ea08d88e63965fd6188c9f20736b5b81a9d2a9ad45fc74b240287c2b7e
919e215d2d171febc2a4e4961a9f7a310ba3b2eb53d714d64f4dc52efe56b74d
92f8bf0a90eef64467b8971d5480d6a1c3ceca0740eb3c16503728f820686ab8
94fa24d1260305e535e9d7fcc2d4760e9bb7bcc3991e7334d99f1cd6b8785bdf
95358158bf321c43e857d8253cf3d28b21f95a3a3e53e1a7a29eede592a5896e
9682aff0dfb2932f5273721abd9190df39eeb0f42c37a24566aa4ac5753219c1
97c33ce35686e79c75e8533488f9e1280add14c1666efc68276e52ac1aca7317
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e19e89ff69e45cabae530a7ff35e757405d00b23f0f9dbed3e21d79249daef7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a674c789b9c3e389eb396f3aad3607bce6bdd1bb8ec4e620dcc421d51a763421
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a74325135c617201d35fc332689dfa3c976d6e20ecf067a291d1fcab189f79a0
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
aa0dc5f1610361ec8461f5e6f72202896c51519b4329c4b036d8793bdcdd13fe
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad24788a667e2bc9c62cfac121db1ac21939dab1273373019ac6f1c07af4348e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f3255ec7f8bd281d4b0ac833c542a9f8d147b3e2d3b9e7184a662427b96779
b76b04c016278cae5faa3148631023dc86dfbccbc10c81226f57a20c98e01cb5
b8a35f46da7921c5172266705fefe371e2ff590e37bfece9a8d1866d5b98f9a8
ba2ea8daf45136819365c897010c0f185d534a7dc553578ec156f9c8db72449e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c11f9cd2e6dc0ee254b0cc76fbff8a23b10f123b927d20bc025b47bc2142143e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b406de65c0f1611fa161cef881f3a247b1c59ad7ccecc7fe0335ab39497335
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c66c1b91c7ced5e83b4764e793d2f1826d10bb1d83fd553f14d0935a1c430dea
c6a527065c58905bc461b37d5dda3cfb33d447291df858202a346a94a8e30036
ca8c31d7628637d369d264d51254f28ae86a682d3373c4def24358cb4b8fab2f
cb6f42daca24ad58ae6f5bf45288909fe1e0f65906bf0a9bacfd13240e9ca335
cbbd6e2a1f0e42d6518094317362ada25c56bb583fd3bc60f3d694f3246f725d
cd1989403d28794c8a76c26567cb561ee74f94394e104209b13781f1bfcf2b63
cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3
cef2c38cd259f4fa99611d69ca9930adb4918e77fc90ca0d49af702247d6618c
cf060fee643fa26d66c57ddf6f4e9610cb88bb884461711fb3a607ef80ad2e85
cf217ad6a4cc6f2a21bbf8cc3053cfb249bf52c5b1bf34894eb1e97d3ec5ddcf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf652745d533b930e874ec62e473dcb2951030ac3ac057fc2e5ee7bec1100979
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d17791254515a2908f550bdf465d839dd204cd81793766e549c5d2468e801450
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
d52296c0f70b0ebc639f0762e22ff111cab61dc55e46b2768144d1f7b103eabc
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
d66721d28142c179431764b4de1bf5c548fadc0c50f7928f38491224142ea17e
d72c09d82241fb33228f80c54a7238a63c8c183fb91394e5d475ade8cd4d8c16
ddf3142ebbd79795c87decfbb716bc8ec235b5a20496638f2cf6d88725e7f9d7
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
e0f06646d7764cf20d921066cbce601d72ce1a9b7363662730a1f69a3346b350
e2d61990291ba961f3d42876cfbb8ff6a13715764bbf2dfb3bd2e8f6db4393bd
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a098542163dc535e0e3c4ed1bca8fcc8a13f0b827027385af73b8d3db5fa38
e67da78e96433060552b1ae05533f8459a2b3f76b3921a8343f976734be216e1
e782e02cd7711965eca5e020f7e6bfe480824f4185be426e2279887333ab81d1
ec1e470afec131e4497c833d3b83a938ad482a91a0cbaeba386b40f8ff0b2eae
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecbe98cd0fc74bad30a9f0e201e5a1475d0d31e69416fa3b0b773bbb461f0790
ed69d663a6e20e5abfa6bd7069c327282e59fac53458bf0d1429da738948ba4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05826b886d7e1ac928225bb8048e95e975d5d77db853230c141d7b37254d705
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f0cef1f77dcd82a9882b9711181e12181b3dc8a49d9e6a8257fde4b987d6a75c
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1
f1df3fad3327eaab1e23bdeb4f69c8d61eeff240442852bb3f68bca4c9ced333
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f7c9e642a6aaf8a36da43c08103f58a97ac2d50e3dd27b9f162a84ca719d2e65
fab16292a66e362f856092e0fb1fe26eeec7c620fbbfa383c7ebf7d77be81d8f
fbc5bbab43674aff8c128dc7960ff91ff4e643bd5442600e6a8d299153c11253
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
fe9b9a8ea70497a663f1964f8b7e853457b503eca7b604ce58398009793c87eb
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48