www.businessinsider.de Open in urlscan Pro
2606:4700:10::6816:429a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.businessinsider.com/attacks-cel/u0026#160;phone-towers-coronavirus-5g-conspiracy
Effective URL:
https://www.businessinsider.de/attacks-cel?IR=T
Submission: On April 28 via api (April 28th 2020, 9:42:30 pm UTC) from US

Summary HTTP 98 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 35 domains to perform 98 HTTP transactions. The main IP is 2606:4700:10::6816:429a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.businessinsider.de.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 26th 2020. Valid for: 6 months.

This is the only time www.businessinsider.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	151.101.13.171 151.101.13.171	54113 (FASTLY) (FASTLY)
2 17	2606:4700:10:... 2606:4700:10::6816:429a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.215.103.64 91.215.103.64	43407 (INFONLINE-AS) (INFONLINE-AS)
8	2.21.79.18 2.21.79.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3033::681b:a280	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	23.210.248.65 23.210.248.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:f800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
6 9	3.126.112.135 3.126.112.135	16509 (AMAZON-02) (AMAZON-02)
1	52.58.104.66 52.58.104.66	16509 (AMAZON-02) (AMAZON-02)
1	93.190.69.241 93.190.69.241	47215 (FILOO-ASN...) (FILOO-ASN Rhedaer StraÃÂe 25)
1	35.186.239.85 35.186.239.85	15169 (GOOGLE) (GOOGLE)
2	34.248.164.240 34.248.164.240	16509 (AMAZON-02) (AMAZON-02)
1	193.46.63.75 193.46.63.75	43407 (INFONLINE-AS) (INFONLINE-AS)
1 2	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
2	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
3	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02)
3	104.111.241.250 104.111.241.250	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.193.11 13.224.193.11	16509 (AMAZON-02) (AMAZON-02)
1 3	2.16.31.65 2.16.31.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	3.216.85.5 3.216.85.5	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
3	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
3	35.158.165.149 35.158.165.149	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
5	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.214.54.249 18.214.54.249	14618 (AMAZON-AES) (AMAZON-AES)
98	43

4 151.101.13.171 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

www.businessinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:429a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.businessinsider.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.103.64 (Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: script3.ioam.de

script.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.21.79.18 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-79-18.deploy.static.akamaitechnologies.com

www.asadcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:a280 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.65 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-65.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.38 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.126.112.135 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.104.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-104-66.eu-central-1.compute.amazonaws.com

profiles.tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.190.69.241 (Germany)

ASN47215 (FILOO-ASN Rhedaer StraÃÂe 25, DE)

h.df-srv.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.239.85 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 85.239.186.35.bc.googleusercontent.com

cdn.c-i.as	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.164.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-164-240.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.46.63.75 (Alfter, Germany)

ASN43407 (INFONLINE-AS, NL)
PTR: irqs.ioam.de

irqs.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.215.103.65 (Germany) 1 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.241.250 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-241-250.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-11.fra2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.31.65 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.114 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.85.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-85-5.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.95.120.147 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

axel-springer-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.165.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-165-149.eu-central-1.compute.amazonaws.com

rtb.d.adup-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.54.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-249.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	businessinsider.de 2 redirects www.businessinsider.de	269 KB
12	adnxs.com 3 redirects acdn.adnxs.com ib.adnxs.com secure.adnxs.com fra1-ib.adnxs.com cdn.adnxs.com	164 KB
10	opecloud.com 6 redirects tagger.opecloud.com profiles.tagger.opecloud.com	4 KB
8	doubleclick.net 6 redirects stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	104 KB
8	asadcdn.com www.asadcdn.com	165 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	11 KB
6	google.com 2 redirects cse.google.com www.google.com	102 KB
5	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	2 KB
5	openx.net 3 redirects axel-springer-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
5	smartadserver.com 2 redirects sync.smartadserver.com prg.smartadserver.com	5 KB
4	outbrain.com widgets.outbrain.com amplify.outbrain.com tr.outbrain.com	47 KB
4	ioam.de 1 redirects script.ioam.de irqs.ioam.de de.ioam.de	11 KB
4	businessinsider.com 4 redirects www.businessinsider.com	1002 B
3	adup-tech.com rtb.d.adup-tech.com	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	yieldlab.net ad.yieldlab.net	3 KB
3	amazon-adsystem.com c.amazon-adsystem.com	30 KB
3	google.de www.google.de adservice.google.de	396 B
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	googletagservices.com www.googletagservices.com	42 KB
2	chartbeat.net ping.chartbeat.net	336 B
2	adsafeprotected.com pixel.adsafeprotected.com	2 KB
2	unpkg.com unpkg.com	13 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	802 B
1	criteo.net static.criteo.net	21 KB
1	casalemedia.com as-sec.casalemedia.com	419 B
1	rubiconproject.com fastlane.rubiconproject.com	4 KB
1	criteo.com bidder.criteo.com	152 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	506 B
1	chartbeat.com static.chartbeat.com	14 KB
1	c-i.as cdn.c-i.as	3 KB
1	df-srv.de h.df-srv.de	949 B
1	consensu.org vendorlist.consensu.org	97 KB
1	googletagmanager.com www.googletagmanager.com	23 KB
1	cleverpush.com static.cleverpush.com	81 KB
98	35

	Domain	Requested by
17	www.businessinsider.de	2 redirects www.businessinsider.de
9	tagger.opecloud.com	6 redirects www.asadcdn.com www.businessinsider.de
8	www.asadcdn.com	www.businessinsider.de www.asadcdn.com
5	fra1-ib.adnxs.com	www.businessinsider.de cdn.adnxs.com
5	www.google.com	2 redirects cse.google.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	2 redirects www.asadcdn.com
4	www.businessinsider.com	4 redirects
3	image8.pubmatic.com	2 redirects
3	rtb.d.adup-tech.com	www.asadcdn.com
3	prg.smartadserver.com	www.asadcdn.com
3	sb.scorecardresearch.com	1 redirects www.businessinsider.de
3	ad.yieldlab.net	www.asadcdn.com www.businessinsider.de
3	c.amazon-adsystem.com	www.asadcdn.com
3	www.google-analytics.com	1 redirects www.businessinsider.de
2	eu-u.openx.net	2 redirects
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.googletagservices.com	www.businessinsider.de securepubads.g.doubleclick.net
2	axel-springer-d.openx.net	1 redirects www.businessinsider.de
2	ping.chartbeat.net	www.businessinsider.de
2	sync.smartadserver.com	2 redirects
2	www.google.de	www.businessinsider.de
2	stats.g.doubleclick.net	2 redirects
2	de.ioam.de	1 redirects www.businessinsider.de
2	pixel.adsafeprotected.com	www.asadcdn.com
2	unpkg.com	www.businessinsider.de
2	widgets.outbrain.com	www.businessinsider.de widgets.outbrain.com
1	image2.pubmatic.com	1 redirects
1	us-u.openx.net
1	static.criteo.net	www.asadcdn.com
1	cdn.adnxs.com	www.asadcdn.com
1	adservice.google.de	www.googletagservices.com
1	as-sec.casalemedia.com	www.asadcdn.com
1	hbopenbid.pubmatic.com	www.asadcdn.com
1	fastlane.rubiconproject.com	www.asadcdn.com
1	bidder.criteo.com	www.asadcdn.com
1	tr.outbrain.com	www.businessinsider.de
1	dsp.adfarm1.adition.com	1 redirects
1	secure.adnxs.com	1 redirects
1	amplify.outbrain.com	www.businessinsider.de
1	static.chartbeat.com	www.googletagmanager.com
1	log.outbrainimg.com	www.asadcdn.com
1	irqs.ioam.de	www.asadcdn.com
1	cdn.c-i.as	www.asadcdn.com
1	h.df-srv.de	www.asadcdn.com
1	profiles.tagger.opecloud.com	www.asadcdn.com
1	vendorlist.consensu.org	www.businessinsider.de
1	acdn.adnxs.com	www.businessinsider.de
1	cse.google.com	www.businessinsider.de
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	www.googletagmanager.com	www.businessinsider.de
1	static.cleverpush.com	www.businessinsider.de
1	script.ioam.de	www.businessinsider.de
98	55

This site contains links to these domains. Also see Links.

Domain
www.businessinsider.com
www.businessinsider.nl
www.businessinsider.com.pl
www.businessinsider.fr
it.businessinsider.com
www.businessinsider.es
www.businessinsider.co.za
www.businessinsider.sg
www.businessinsider.my
www.businessinsider.in
www.businessinsider.jp
www.businessinsider.com.au

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
*.ioam.de COMODO RSA Organization Validation Secure Server CA	`2017-12-22` - `2020-12-21`	3 years	crt.sh
www.asadcdn.com Let's Encrypt Authority X3	`2020-04-13` - `2020-07-12`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.opecloud.com Amazon	`2019-08-27` - `2020-09-27`	a year	crt.sh
*.tagger.opecloud.com Amazon	`2019-08-26` - `2020-09-26`	a year	crt.sh
*.df-srv.de Thawte TLS RSA CA G1	`2019-12-12` - `2021-12-11`	2 years	crt.sh
cdn.c-i.as Thawte TLS RSA CA G1	`2018-03-02` - `2020-04-30`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2021-05-05`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2020-04-04` - `2021-04-04`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adup-tech.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.businessinsider.de/attacks-cel?IR=T
Frame ID: E2ED8E371A72097552AD3D8533323782
Requests: 78 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 77C83F9C1D2F313B3EC4CC11C869CF89
Requests: 1 HTTP requests in this frame

Frame: https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=895015771991578172&ref=https://www.businessinsider.de&memberId=7823&springBID=
Frame ID: B46D722BA92B3E2B851FF7642F4722DE
Requests: 1 HTTP requests in this frame

Frame: https://www.asadcdn.com/adlib/extensions/mediation.js
Frame ID: 202F4CC4496FF5DC68AFC17E35039E2B
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8598F46127417C633A1200E6AE718E8F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 5DCE8AAD99B78EA58166A41E65C4E537
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C9F4EF45FD683D6A26B110D3DBF3E320
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.businessinsider.com/attacks-cel/u0026 HTTP 301
https://www.businessinsider.de/international/attacks-cel/u0026?r=US&IR=T HTTP 301
https://www.businessinsider.com/attacks-cel/u0026?r=DE&IR=T HTTP 301
https://www.businessinsider.com/attacks-cel HTTP 301
https://www.businessinsider.de/international/attacks-cel?r=US&IR=T HTTP 301
https://www.businessinsider.com/attacks-cel?r=DE&IR=T HTTP 302
https://www.businessinsider.de/attacks-cel?IR=T Page URL

Page Statistics

98
Requests

100 %
HTTPS

26 %
IPv6

35
Domains

55
Subdomains

43
IPs

8
Countries

1232 kB
Transfer

3505 kB
Size

10
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.businessinsider.com/?IR=C
Title: Gehe zu Business Insider United States

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/international?IR=C
Title: Gehe zu Business Insider International

Search URL Search Domain Scan URL

URL: https://www.businessinsider.nl/
Title: Gehe zu Business Insider Niederlande

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com.pl/
Title: Gehe zu Business Insider Polen

Search URL Search Domain Scan URL

URL: https://www.businessinsider.fr/
Title: Gehe zu Business Insider Frankreich

Search URL Search Domain Scan URL

URL: https://it.businessinsider.com/
Title: Gehe zu Business Insider Italien

Search URL Search Domain Scan URL

URL: https://www.businessinsider.es/
Title: Gehe zu Business Insider Spanien

Search URL Search Domain Scan URL

URL: https://www.businessinsider.co.za/
Title: Gehe zu Business Insider Südafrika

Search URL Search Domain Scan URL

URL: https://www.businessinsider.sg/
Title: Gehe zu Business Insider Singapur

Search URL Search Domain Scan URL

URL: https://www.businessinsider.my/?_ga=1.181501351.1277313004.1452027952
Title: Gehe zu Business Insider Malaysia

Search URL Search Domain Scan URL

URL: https://www.businessinsider.in/
Title: Gehe zu Business Insider Indien

Search URL Search Domain Scan URL

URL: https://www.businessinsider.jp/
Title: Gehe zu Business Insider Japan

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com.au/
Title: Gehe zu Business Insider Australien

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.businessinsider.com/attacks-cel/u0026 HTTP 301
https://www.businessinsider.de/international/attacks-cel/u0026?r=US&IR=T HTTP 301
https://www.businessinsider.com/attacks-cel/u0026?r=DE&IR=T HTTP 301
https://www.businessinsider.com/attacks-cel HTTP 301
https://www.businessinsider.de/international/attacks-cel?r=US&IR=T HTTP 301
https://www.businessinsider.com/attacks-cel?r=DE&IR=T HTTP 302
https://www.businessinsider.de/attacks-cel?IR=T Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ib.adnxs.com/getuid?https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=$UID&ref=https%3A%2F%2Fwww.businessinsider.de&memberId=7823&springBID= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fwww.asadcdn.com%2Fadlib%2Fextensions%2Fc.html%3Fadnxs_uid%3D%24UID%26ref%3Dhttps%253A%252F%252Fwww.businessinsider.de%26memberId%3D7823%26springBID%3D HTTP 302
https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=895015771991578172&ref=https://www.businessinsider.de&memberId=7823&springBID=

Request Chain 36

https://de.ioam.de/tx.io?st=businsi&cp=404_page&sv=i2&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.businessinsider.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=000f&i2=000f293001d5cf4bf5ea8a32d&ep=1611509486&vr=416&id=sxnjyl&i3=000f293001d5cf4bf5ea8a32d%3A1614894125780%3A1588110125780%3A.businessinsider.de%3A1%3Abusinsi%3A404_page%3Anoevent%3A1588110125780&n1=1&dntt=0&lt=1588110125786&ev=&cs=u9jynt&mo=1 HTTP 302
https://de.ioam.de/tx.io?st=businsi&cp=404_page&sv=i2&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.businessinsider.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=000f&i2=000f293001d5cf4bf5ea8a32d&ep=1611509486&vr=416&id=sxnjyl&i3=000f293001d5cf4bf5ea8a32d%3A1614894125780%3A1588110125780%3A.businessinsider.de%3A1%3Abusinsi%3A404_page%3Anoevent%3A1588110125780&n1=1&dntt=0&lt=1588110125786&ev=&cs=u9jynt&mo=1&sr=71

Request Chain 39

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&gjid=932174768&_gid=271101344.1588110126&_u=YGBAgUABC~&z=1509797465 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&_v=j81&z=1509797465 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&_v=j81&z=1509797465&slf_rd=1&random=2860606715

Request Chain 46

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=754552884&t=pageview&_s=1&dl=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Business%20Insider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUABC~&jid=899323271&gjid=251336763&cid=1523601114.1588110126&tid=UA-2241657-14&_gid=754352862.1588110126&_r=1&gtm=2wg4f0TVJQXGF&z=1836385206 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_gid=754352862.1588110126&gjid=251336763&_v=j81&z=1836385206 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_v=j81&z=1836385206 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_v=j81&z=1836385206&slf_rd=1&random=3463550434

Request Chain 51

https://tagger.opecloud.com/asci/pcs.gif?puid=84080406955 HTTP 302
https://tagger.opecloud.com/asci/pcs.gif?puid=84080406955&trackability-redirect=true

Request Chain 53

https://tagger.opecloud.com/asmi/v1/pixel.gif?url=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&ref=&tz=-2&screen=1600x1200x24&tref=&cmpstatus=notrequired HTTP 302
https://tagger.opecloud.com/asmi/v1/pixel.gif?tref=&url=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&tz=-2&trackability-redirect=true&ref=&screen=1600x1200x24&cmpstatus=notrequired HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ftagger.opecloud.com%2Fsmart%2Fpbfs.gif%3Fsource%3Dasmi%26state%3D2-gUeXu9HnIshEdVc2vym0E3oGfXbrdi9DW2E%253D%26puid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https%3a%2f%2ftagger.opecloud.com%2fsmart%2fpbfs.gif%3fsource%3dasmi%26state%3d2-gUeXu9HnIshEdVc2vym0E3oGfXbrdi9DW2E%253D%26puid%3d%5bsas_uid%5d&cklb=1 HTTP 302
https://tagger.opecloud.com/smart/pbfs.gif?source=asmi&state=2-gUeXu9HnIshEdVc2vym0E3oGfXbrdi9DW2E%3D&puid=7329906998528363831 HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dasmi%26state%3D2-FsIC3k9F%252FdNWXSNCfQ3dttUs%252BNx%252B3FykLyw%253D%26puid%3D%24UID HTTP 302
https://tagger.opecloud.com/appnexus/pbfs.gif?source=asmi&state=2-FsIC3k9F%2FdNWXSNCfQ3dttUs%2BNx%2B3FykLyw%3D&puid=2851432344238157639 HTTP 302
https://cm.g.doubleclick.net/pixel?region=dbm-de&google_nid=1plusx_dmp&google_cm&state=2-IaUAp%2Fgl%2FrJdE2E7%2FiJ0TsulafkIs%2Fmbtvg%3D&source=asmi HTTP 302
https://cm.g.doubleclick.net/pixel?region=dbm-de&google_nid=1plusx_dmp&google_cm=&state=2-IaUAp%2Fgl%2FrJdE2E7%2FiJ0TsulafkIs%2Fmbtvg%3D&source=asmi&google_tc= HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?region=dbm-de&state=2-IaUAp%2Fgl%2FrJdE2E7%2FiJ0TsulafkIs%2Fmbtvg%3D&source=asmi&google_gid=CAESEOEwn9SWXuws4pGKTylEjwY&google_cver=1 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Ftagger.opecloud.com%2Fadition%2Fpbfs.gif%3Fsource%3Dasmi%26state%3D2-PZ6FunH7E7tauX5HqgoUoNLcc9dhXhifuW4%253D%26puid%3D%25%25COOKIE%25%25 HTTP 302
https://tagger.opecloud.com/adition/pbfs.gif?source=asmi&state=2-PZ6FunH7E7tauX5HqgoUoNLcc9dhXhifuW4%3D&puid=6820881053645338765

Request Chain 57

https://sb.scorecardresearch.com/b?c1=2&c2=13194393&ns__t=1588110126392&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Business%20Insider&c7=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13194393&ns__t=1588110126392&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Business%20Insider&c7=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&c9=

Request Chain 62

https://axel-springer-d.openx.net/w/1.0/arj?ju=https://www.businessinsider.de/attacks-cel?IR=T HTTP 302
https://axel-springer-d.openx.net/w/1.0/arj?cc=1&ju=https://www.businessinsider.de/attacks-cel?IR=T

Request Chain 94

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=45b3fc61-b356-4cd1-baa1-1e327a9dc3e3&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=45b3fc61-b356-4cd1-baa1-1e327a9dc3e3&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJXF5OmZBBX7XPOv2a6Z7WU&google_cver=1

Request Chain 95

https://image8.pubmatic.com/AdServer/ImgSync?p=156678&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156678&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESELQueRHDI7gg-oXt-UsT0u8&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request attacks-cel Show response
www.businessinsider.de/
Redirect Chain

https://www.businessinsider.com/attacks-cel/u0026
https://www.businessinsider.de/international/attacks-cel/u0026?r=US&IR=T
https://www.businessinsider.com/attacks-cel/u0026?r=DE&IR=T
https://www.businessinsider.com/attacks-cel
https://www.businessinsider.de/international/attacks-cel?r=US&IR=T
https://www.businessinsider.com/attacks-cel?r=DE&IR=T
https://www.businessinsider.de/attacks-cel?IR=T

43 KB
9 KB

511ms
511ms

Document
text/html

2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b2f111bc173989d8382fc8aa762880a4cc1b486719ef0afd506381692e0a649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.businessinsider.de
:scheme: https
:path: /attacks-cel?IR=T
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d80ad142b45e27bd2f7bc4eb336fc66dc1588110122
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Tue, 28 Apr 2020 21:42:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-svr-id: qz0, prod-frontend-01@bi-de, prod
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 58b3f3784b449716-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 0264567f2c00009716111d4200000001

Redirect headers

status: 302
server: Varnish
retry-after: 0
location: https://www.businessinsider.de/attacks-cel?IR=T
via: 1.1 varnish 1.1 varnish
x-country-code: DE
accept-ranges: bytes
date: Tue, 28 Apr 2020 21:42:04 GMT
age: 0
x-served-by: cache-bwi5134-BWI, cache-fra19140-FRA
x-cache: HIT, MISS
x-cache-hits: 0, 0
x-timer: S1588110124.290829,VS0,VE546
strict-transport-security: max-age=31536000
content-length: 0

GET
H2 200 style.min.css
www.businessinsider.de/wp-includes/css/dist/block-library/ 40 KB
6 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-includes/css/dist/block-library/style.min.css?ver=5.3

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1653
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-01@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:50:18 GMT
last-modified: Thu, 21 Nov 2019 14:05:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dd699a8-a1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 0
cf-request-id: 0264568133000097161123c200000001
cf-ray: 58b3f37b8e9d9716-FRA
x-proxy-cache: HIT

GET
H2 200 main-de.css
www.businessinsider.de/wp-content/themes/business-insider-de/dist/styles/ 186 KB
27 KB 19ms
17ms Stylesheet
text/css 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/styles/main-de.css?ver=3.3.1

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c045b39fc0bc7a7e938fcc01bf947cfc302ce7c3c39cd2a7b279f58252c434ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1652
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:50:18 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-2e9aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 0
cf-request-id: 0264568133000097161123d200000001
cf-ray: 58b3f37b8e9e9716-FRA
x-proxy-cache: HIT

GET
H2 200 frontend.min.js Show response
www.businessinsider.de/wp-content/plugins/google-analytics-premium/assets/js/ 9 KB
3 KB 16ms
14ms Script
application/javascript 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/plugins/google-analytics-premium/assets/js/frontend.min.js?ver=7.10.0

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1597
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-01@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:50:18 GMT
last-modified: Tue, 28 Apr 2020 10:47:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea809cc-2452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 0
cf-request-id: 0264568133000097161123e200000001
cf-ray: 58b3f37b8ea09716-FRA
x-proxy-cache: HIT

GET
H2 200 jquery.js Show response
www.businessinsider.de/wp-includes/js/jquery/ 95 KB
32 KB 18ms
17ms Script
application/javascript 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1626
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-03@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:49:50 GMT
last-modified: Thu, 21 Nov 2019 14:47:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dd6a392-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-request-id: 0264568133000097161123f200000001
cf-ray: 58b3f37b8ea19716-FRA
x-proxy-cache: HIT

GET
H2 200 gtm4wp-form-move-tracker.js Show response
www.businessinsider.de/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
418 B 21ms
20ms Script
application/javascript 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.2

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1597
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-03@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:50:18 GMT
last-modified: Tue, 28 Apr 2020 10:47:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea809cd-5cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-request-id: 02645681330000971611240200000001
cf-ray: 58b3f37b8ea49716-FRA
x-proxy-cache: HIT

GET
H/1.1 200
OK iam.js Show response
script.ioam.de/ 24 KB
9 KB 37ms
11ms Script
application/javascript 91.215.103.64
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ioam.de/iam.js?m=1&ver=5.3
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.64 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: script3.ioam.de
Software: nginx / BLACKBIRD-SRC v0.13 000f
Resource Hash: e2e2285645a6c1451bfb6784084d560719b2891aebc8845d28f9f93c69a31460

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Apr 2020 21:42:05 GMT
Server: nginx
X-Powered-By: BLACKBIRD-SRC v0.13 000f
Vary: Accept-Encoding
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Cache-Control: private, max-age=7200, pre-check=7200
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Tue, 28 Apr 2020 23:42:05 GMT

GET
H2 200 main_de.js Show response
www.businessinsider.de/wp-content/themes/business-insider-de/dist/scripts/ 111 KB
34 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/scripts/main_de.js?ver=3.3.1

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4deb575369f8d3baa76f0a03a9c2370c2104505aea8f8e3818b72c1cd9e403cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1652
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-01@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:50:18 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-1bb35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 0
cf-request-id: 02645681710000971611245200000001
cf-ray: 58b3f37beef89716-FRA
x-proxy-cache: HIT

GET
H2 200 businessinsider.js Show response
www.asadcdn.com/adlib/pages/ 337 KB
105 KB 41ms
14ms Script
application/x-javascript 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ae7b699deca17ac850f261b86f857894811126dcb526df2c68b0d46625acfb9d

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
pragma: no-cache
last-modified: Mon, 27 Apr 2020 13:21:47 GMT
server: AkamaiNetStorage
etag: "6d43c2bb9da3cf5335659fd71f785de4:1587993707.150762"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:05 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 132 KB
44 KB 26ms
8ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js?ver=5.3
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04e3501d88133593f3c40bafaf9819834fa3c651110be1aabc2ab7e1b5af0c98

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 14:54:37 GMT
status: 200
etag: W/"20e84-Kx9R9xTalA+Orsd4y54rF1ZaG+M"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 44782
expires: Wed, 29 Apr 2020 01:42:05 GMT

GET
H2 200 BssgKWJo9YERkT3ZE.js Show response
static.cleverpush.com/channel/loader/ 399 KB
81 KB 58ms
21ms Script
application/javascript 2606:4700:3033::681b:a280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/BssgKWJo9YERkT3ZE.js?ver=1.0
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:a280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f2274b8c470d0e1eab153eede31f493055184eafb90a105d59511e39522286

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 17467
cf-polished: origSize=409065
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 29664E0E8A9EAC62
x-amz-id-2: SYNpFWmOgJ5I/cp5QwzpnNOPErnYZh8y5kaOOSIKGLdlerd/mGFPc47H1oJnG2GHjeY/RzAGvAI=
last-modified: Tue, 28 Apr 2020 15:07:33 GMT
server: cloudflare
etag: W/"ada4bcc715f4fd53fd892997ba2d5d20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=21600
cf-request-id: 02645681970000c2a9e3390200000001
cf-ray: 58b3f37c29c6c2a9-FRA
cf-bgj: minify

GET
H2 200 wp-embed.min.js Show response
www.businessinsider.de/wp-includes/js/ 1 KB
822 B 15ms
13ms Script
application/javascript 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-includes/js/wp-embed.min.js?ver=5.3

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1653
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:50:18 GMT
last-modified: Thu, 21 Nov 2019 14:47:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dd6a387-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 0
cf-request-id: 02645681740000971611246200000001
cf-ray: 58b3f37beefc9716-FRA
x-proxy-cache: HIT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2745
date: Tue, 28 Apr 2020 20:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Tue, 28 Apr 2020 22:56:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 62 KB
23 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVJQXGF

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03bbf9e10aec22369db8b313a649c190ae30e0ca12a7cdb704b512e5559db505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 22988
x-xss-protection: 0
last-modified: Tue, 28 Apr 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Apr 2020 21:42:05 GMT

GET
H2 200 BI_black_vertical.svg
www.businessinsider.de/wp-content/themes/business-insider-de/dist/images/de/ 3 KB
1 KB 14ms
14ms Image
image/svg+xml 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/images/de/BI_black_vertical.svg

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbe8214de424f2c3055511e4134d7b43cefc0db3cf20f38cda93256a9faca16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 850
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-beb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=315360000, public
x-loc-id: 0
cf-request-id: 02645681770000971611247200000001
cf-ray: 58b3f37bfefe9716-FRA
x-proxy-cache: HIT

GET
H2 200 globe-icon.svg
www.businessinsider.de/wp-content/themes/business-insider-de/dist/images/de/ 6 KB
2 KB 20ms
16ms Image
image/svg+xml 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/images/de/globe-icon.svg

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc24feae2aa7c6dd7a875f614c86945e731a91c8f4723cf602faa5ac7a1a05a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1618
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-184a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=315360000, public
x-loc-id: 0
cf-request-id: 0264568181000097161124c200000001
cf-ray: 58b3f37c0f0f9716-FRA
x-proxy-cache: HIT

GET
H2 200 search-icon.svg
www.businessinsider.de/wp-content/themes/business-insider-de/dist/images/de/ 263 B
323 B 25ms
21ms Image
image/svg+xml 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/images/de/search-icon.svg

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb91cd80522c17f52a0f0163112a2983498f9fbc7c70917ed401a6a9413bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1618
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-03@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=315360000, public
cf-request-id: 0264568181000097161124d200000001
cf-ray: 58b3f37c0f109716-FRA
x-proxy-cache: HIT

GET
H2 200 LabGrotesque-Regular.woff2
www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/ 44 KB
45 KB 26ms
22ms Font
application/font-woff 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/LabGrotesque-Regular.woff2

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b4fde7be3fa99a858afd07083567eb8bc37a638eb2ca3ee1b8d67d5dcba395

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.businessinsider.de

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1567
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:49:02 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-b1f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 5
cf-request-id: 02645681800000971611248200000001
cf-ray: 58b3f37c0f0b9716-FRA
x-proxy-cache: HIT

GET
H2 200 LabGrotesque-Black.woff2
www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/ 47 KB
47 KB 16ms
13ms Font
application/font-woff 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/LabGrotesque-Black.woff2

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.businessinsider.de

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1569
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-03@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:49:51 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-bb34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-request-id: 02645681800000971611249200000001
cf-ray: 58b3f37c0f0c9716-FRA
x-proxy-cache: HIT

GET
H2 200 icomoon.ttf
www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/ 6 KB
6 KB 15ms
12ms Font
application/octet-stream 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/icomoon.ttf?ab3giz

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e054f0f119165d113b897a7e0f59cd86bcdc81f3356cc3a8f726c499a6a9edf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.businessinsider.de

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1620
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 6280
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 28 Apr 2020 10:54:52 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ea808e0-1888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=300, public
x-loc-id: 0
cf-request-id: 0264568180000097161124a200000001
accept-ranges: bytes
cf-ray: 58b3f37c0f0d9716-FRA
x-proxy-cache: HIT

GET
H2 200 TiemposTextWeb-Regular.woff2
www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/ 55 KB
55 KB 17ms
14ms Font
application/font-woff 2606:4700:10::6816:429a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/fonts/TiemposTextWeb-Regular.woff2

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:429a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e4c693a76ff62ecedd88944ac1aa6da95ea7eadb8ee33237a22ea63a188d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: https://www.businessinsider.de

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1569
x-design-by: level-level.com
status: 200
x-svr-id: qz0, prod-frontend-02@bi-de, prod
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer
expires: Tue, 05 May 2020 10:49:51 GMT
last-modified: Tue, 28 Apr 2020 10:43:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ea808e0-dc8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://www.businessinsider.de
vary: Accept-Encoding
cache-control: max-age=604800, public
x-loc-id: 5
cf-request-id: 0264568180000097161124b200000001
cf-ray: 58b3f37c0f0e9716-FRA
x-proxy-cache: HIT

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 77C8 0
0 13ms
12ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.businessinsider.de/attacks-cel?IR=T
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.businessinsider.de/attacks-cel?IR=T

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1587987469.954828"
last-modified: Mon, 27 Apr 2020 10:22:01 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Tue, 28 Apr 2020 21:42:05 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1588110125~rv=84~id=fdd5668b1b2ef9e6c8bf512011e969fe; path=/; Expires=Tue, 28 Apr 2020 21:42:05 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmJ1c2luZXNzaW5zaWRlci5kZQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
477 B 43ms
8ms XHR
application/json 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/d3d3LmJ1c2luZXNzaW5zaWRlci5kZQ==

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?ver=5.3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=32285
Date: Tue, 28 Apr 2020 21:42:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: false
Content-Length: 16
Expires: Wed, 29 Apr 2020 06:40:10 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 11 KB
4 KB 72ms
41ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015545864336605717175:rq6sgru8yxb

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

2e23e8eb4fec82aac41332bbbd514ebe4f7681424a500bde82efc566057603c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3490
x-xss-protection: 0
expires: Tue, 28 Apr 2020 21:42:05 GMT

GET
H/1.1 200
OK bar.jpg
acdn.adnxs.com/ast/static/ 3 KB
4 KB 28ms
9ms Image
image/jpeg 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acdn.adnxs.com/ast/static/bar.jpg
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: c3c93bf4dea7bc196bf74ad474951d8ff300198f95198fe8ec3e1c6ae41c5e81

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:05 GMT
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
Age: 18109180
X-Cache: HIT, HIT, HIT
X-Cache-Hits: 1, 1, 329387
Connection: keep-alive
Content-Length: 3507
X-Served-By: cache-jfk8136-JFK, cache-lga21950-LGA, cache-fra19173-FRA
Last-Modified: Fri, 18 Sep 2015 15:07:50 GMT
Server: nginx/1.13.10
X-Timer: S1588110126.680173,VS0,VE0
ETag: "55fc28c6-db3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Thu, 01 Oct 2020 07:22:27 GMT

GET
H2 200 1.1.3.5-RELEASE.chunk.js Show response
unpkg.com/@ideasio/oil.js@1.3.5/release/current/ 6 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@ideasio/oil.js@1.3.5/release/current/1.1.3.5-RELEASE.chunk.js

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/scripts/main_de.js?ver=3.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4516ec7d5df28b8711c99488aac11b977244d66342f5f589658c5f0831147805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7046657
status: 200
vary: Accept-Encoding
cf-request-id: 026456825d000064a914b3e200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1618-Rxbaj5BKFUTIMy+GlWIu1OxoyMU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: ae0366d797aa706fdf28012dacd03a4f
cache-control: public, max-age=31536000
cf-ray: 58b3f37d6bf464a9-FRA

GET
H2 200 0.1.3.5-RELEASE.chunk.js Show response
unpkg.com/@ideasio/oil.js@1.3.5/release/current/ 50 KB
11 KB 22ms
21ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@ideasio/oil.js@1.3.5/release/current/0.1.3.5-RELEASE.chunk.js

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/scripts/main_de.js?ver=3.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b50285a55123287bc3e80226395b02191babe9fa5ce76f75ed29a8d720485e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14952445
status: 200
vary: Accept-Encoding
cf-request-id: 026456825d000064a914b3f200000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"c636-mpFmdfVgY3jGWyV1eqk2YBdHt7Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: f340ac074e046d58a5fa8d1c28079fb4
cache-control: public, max-age=31536000
cf-ray: 58b3f37d6bf564a9-FRA

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 96 KB
97 KB 24ms
8ms XHR
application/json 2600:9000:21f3:f800:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/wp-content/themes/business-insider-de/dist/scripts/main_de.js?ver=3.3.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:f800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43fbafd9f9ecb62e74f7bec9f1fa005c5fabd2efe8511d16c254e57697b96c08

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 16:10:18 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 451908
x-cache: Hit from cloudfront
status: 200
content-length: 98229
last-modified: Thu, 23 Apr 2020 16:01:23 GMT
server: AmazonS3
etag: "2aaba7b52d4479d9af309cf05be68637"
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: P45PiKW08luvYJKm8dX1nviifEJMWRs.
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-amz-cf-id: PJ25MrGZU7jWDHKw9sNwoO1LhVdvSeT3gh8aXcah88BM21N8FHfr1Q==

GET
H2

200

c.html
www.asadcdn.com/adlib/extensions/ Frame B46D
Redirect Chain

https://ib.adnxs.com/getuid?https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=$UID&ref=https%3A%2F%2Fwww.businessinsider.de&memberId=7823&springBID=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fwww.asadcdn.com%2Fadlib%2Fextensions%2Fc.html%3Fadnxs_uid%3D%24UID%26ref%3Dhttps%253A%252F%252Fwww.businessinsider.de%26memberId%3D7823%26sprin...
https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=895015771991578172&ref=https://www.businessinsider.de&memberId=7823&springBID=

0
0

9ms
8ms

Document
text/html

2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=895015771991578172&ref=https://www.businessinsider.de&memberId=7823&springBID=
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: www.asadcdn.com
:scheme: https
:path: /adlib/extensions/c.html?adnxs_uid=895015771991578172&ref=https://www.businessinsider.de&memberId=7823&springBID=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.businessinsider.de/attacks-cel?IR=T
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: akaas_ABTest-noad=1588196525~rv=69~id=be831bc169760d5506d38841f075ed04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.businessinsider.de/attacks-cel?IR=T

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "21a4d72fe05189d5b0a9a7b83cb241ec:1580806408.142386"
last-modified: Tue, 04 Feb 2020 08:53:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 28 Apr 2020 21:42:05 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Tue, 28 Apr 2020 21:42:05 GMT
content-length: 940
set-cookie: akaas_ABTest-noad=1588196525~rv=69~id=be831bc169760d5506d38841f075ed04; path=/; Expires=Wed, 29 Apr 2020 21:42:05 GMT; Secure; SameSite=None
timing-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *

Redirect headers

Server: nginx/1.13.4
Date: Tue, 28 Apr 2020 21:42:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://www.asadcdn.com/adlib/extensions/c.html?adnxs_uid=895015771991578172&ref=https://www.businessinsider.de&memberId=7823&springBID=
AN-X-Request-Uuid: 024d16e2-831e-44f3-8daf-da8726eb0a9d
Set-Cookie: uuid2=895015771991578172; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 27-Jul-2020 21:42:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.239:80

GET
H2 200 adplayer.css
www.asadcdn.com/adlib/extensions/ 3 KB
1 KB 10ms
10ms Stylesheet
text/css 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/adlib/extensions/adplayer.css
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 69bd6d09cd63366b9cec049dd5394ba7c0670c358a6bf259da66c3e1fbc6eaf5

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 810
pragma: no-cache
last-modified: Mon, 09 Sep 2019 06:24:27 GMT
server: AkamaiNetStorage
etag: "6f558f7dd63b75cbb3c01c156f2563c6:1568010267.200125"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:05 GMT

GET
H2 200 adlib_seq.js Show response
www.asadcdn.com/adlib/ 142 KB
46 KB 17ms
16ms Script
application/x-javascript 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/adlib/adlib_seq.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7bfe6fb037e2582130679c2d94d1e9efb1948538a0c8f32b3fc95d6a78f4554d

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
pragma: no-cache
last-modified: Mon, 27 Apr 2020 12:49:05 GMT
server: AkamaiNetStorage
etag: "f96f1746ac58890f7dd8e1ea48f411e2:1587991745.748235"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:05 GMT

GET
H2 200 tagger.js Show response
tagger.opecloud.com/asmi/v1/ 2 KB
1 KB 40ms
9ms Script
text/javascript 3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/asmi/v1/tagger.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68edd104fc66f0d2b21271238e814185b2da731be9ab352d2ee3eff80cac1e7a

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ADMa OUR IND DSP NON COR"
status: 200
cache-control: private, max-age=3600
content-type: text/javascript; charset=utf-8
content-length: 1015

GET
H2 200 profile Show response
profiles.tagger.opecloud.com/api/v1/asmi/ 15 B
231 B 55ms
24ms XHR
application/json 52.58.104.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://profiles.tagger.opecloud.com/api/v1/asmi/profile
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.104.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-104-66.eu-central-1.compute.amazonaws.com
Software: akka-http/10.1.8 /
Resource Hash: da5956eb40499755436091829dc92f137f6a7d076a34df1aed00e74ca4689141

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
content-encoding: gzip
server: akka-http/10.1.8
status: 200
content-type: application/json
access-control-allow-origin: https://www.businessinsider.de
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 200 1221 Show response
h.df-srv.de/hb/ 257 B
949 B 49ms
22ms XHR
application/json 93.190.69.241
FILOO-ASN Rhedaer...

General

Check archive.org

Show headers Download Go to

Full URL

https://h.df-srv.de/hb/1221

Requested by

Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

93.190.69.241 , Germany, ASN47215 (FILOO-ASN Rhedaer StraÃÂe 25, DE),

Reverse DNS

Software

/ 5a6122789e17-8.3.6

Resource Hash

f2a82586415fcb0f4fee3d92160bd08f8818edde3753d713129622f998a626ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
x-content-type-options: nosniff
x-powered-by: 5a6122789e17-8.3.6
uber-trace-id: c47bceca9b98e2eb:c47bceca9b98e2eb:0:0
p3p: CP="Contact Impact does not have a P3P policy."
status: 200
x-rid: 5a6122789e17-1791126
content-length: 257
x-xss-protection: 0
pragma: no-cache
x-dev: https://contactimpact.de/jobs
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.businessinsider.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 c.js Show response
cdn.c-i.as/ 2 KB
3 KB 34ms
8ms Script
application/javascript 35.186.239.85
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c-i.as/c.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.239.85 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 85.239.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a92c1f1674c0d44b578d076451887d391914abbeeb912f5d59e9f0d009131de8

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:26:04 GMT
age: 961
x-guploader-uploadid: AAANsUk4s3twW3rcEPU5rwr7ZW_cLJPq4R63mUWC-j59-UMiuqtrUKTIGW9rQt2TZgaF04ZDkbyj9WwyUNIy6Xj4TgY
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2322
last-modified: Wed, 11 Mar 2020 13:26:00 GMT
server: UploadServer
etag: "ba49dfccb3cad16c70a60dbe3152c6c9"
x-goog-hash: crc32c=pm9zpw==, md5=uknfzLPK0Wxwpg2+MVLGyQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1583933160891321
cache-control: public, max-age=3600
x-goog-stored-content-length: 2322
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 28 Apr 2020 22:26:04 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 1 KB
1 KB 111ms
38ms XHR
application/json 34.248.164.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=927274&slot=%7Bid:superbanner,ss:%5B728.90,728.600,800.250,970.250,1000.600%5D,p:-,t:display%7D&slot=%7Bid:billboard_btf_2,ss:%5B728.90,800.250,970.250%5D,p:-,t:display%7D&slot=%7Bid:sky,ss:%5B160.600,120.600,300.600,500.1000,1000.1000%5D,p:-,t:display%7D&slot=%7Bid:mrec,ss:%5B300.250,320.160,300.300,300.600%5D,p:-,t:display%7D&slot=%7Bid:mrec_btf,ss:%5B300.250%5D,p:-,t:display%7D&slot=%7Bid:mrec_btf_3,ss:%5B300.250%5D,p:-,t:display%7D&slot=%7Bid:mrec_btf_4,ss:%5B300.250%5D,p:-,t:display%7D&slot=%7Bid:inpage,ss:%5B1.1,640.360,1000.300%5D,p:-,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=47ca5925-7ced-03a3-3d6b-91194036a5d8
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.164.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-164-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 026b2a1b92123d0d1be22b2f3ad8aabf10a7c90bb921f33792e2fde41fc4d20a

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
x-server-name: app30.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.businessinsider.de
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 identitystatus Show response
irqs.ioam.de/ 25 B
211 B 52ms
15ms XHR
application/vnd.api+json 193.46.63.75
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://irqs.ioam.de/identitystatus?offerIdentifier=businsi&siteIdentifier=404_page&sampleType=in&pixelType=CP&isFadeoutFlash=true&isFadeoutFrame=true&isFadeoutForm=true&positionTop=10&positionLeft=100&zIndex=1100000&c=0.46497283373273723

Requested by

Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.46.63.75 Alfter, Germany, ASN43407 (INFONLINE-AS, NL),

Reverse DNS

irqs.ioam.de

Software

nginx /

Resource Hash

9efa53ec1a261a8576a66a71befaf9d03c1a108aac36271f4599b87597b8a71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:05 GMT
server: nginx
status: 200
vary: Origin
content-type: application/vnd.api+json
access-control-allow-origin: https://www.businessinsider.de
access-control-allow-credentials: true
strict-transport-security: max-age=15768000

GET
H/1.1

200
OK

tx.io Show response
de.ioam.de/
Redirect Chain

https://de.ioam.de/tx.io?st=businsi&cp=404_page&sv=i2&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.businessinsider.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=000f&i2=000f293001d5cf4bf5ea8a32d&ep=1611509486&...
https://de.ioam.de/tx.io?st=businsi&cp=404_page&sv=i2&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.businessinsider.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=000f&i2=000f293001d5cf4bf5ea8a32d&ep=1611509486&...

0
694 B

21ms
14ms

Script
application/x-javascript

91.215.103.65
INFONLINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.ioam.de/tx.io?st=businsi&cp=404_page&sv=i2&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.businessinsider.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=000f&i2=000f293001d5cf4bf5ea8a32d&ep=1611509486&vr=416&id=sxnjyl&i3=000f293001d5cf4bf5ea8a32d%3A1614894125780%3A1588110125780%3A.businessinsider.de%3A1%3Abusinsi%3A404_page%3Anoevent%3A1588110125780&n1=1&dntt=0&lt=1588110125786&ev=&cs=u9jynt&mo=1&sr=71
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL),
Reverse DNS: de3.ioam.de
Software: nginx / BLACKBIRD-RCV v1.06.2 003f
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:06 GMT
Server: nginx
X-Powered-By: BLACKBIRD-RCV v1.06.2 003f
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies

Redirect headers

Date: Tue, 28 Apr 2020 21:42:05 GMT
Access-Control-Allow-Origin: *
X-Powered-By: BLACKBIRD-RCV v1.06.2 003f
Transfer-Encoding: chunked
P3P: policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV
Connection: keep-alive
Pragma: no-cache
Last-Modified: Tue, 28 Apr 2020 21:42:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: /tx.io?st=businsi&cp=404_page&sv=i2&sc=yes&pt=CP&ps=lin&er=N22&rf=&r2=&ur=www.businessinsider.de&xy=1600x1200x24&lo=DE%2FBerlin&cb=000f&i2=000f293001d5cf4bf5ea8a32d&ep=1611509486&vr=416&id=sxnjyl&i3=000f293001d5cf4bf5ea8a32d%3A1614894125780%3A1588110125780%3A.businessinsider.de%3A1%3Abusinsi%3A404_page%3Anoevent%3A1588110125780&n1=1&dntt=0&lt=1588110125786&ev=&cs=u9jynt&mo=1&sr=71
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies
Expires: Sun, 28 Apr 2019 21:42:05 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 369ms
93ms XHR
application/json 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1588110125811&sessionId=9aa1171e-0916-8952-2a99-961cbb30f1e9&url=www.businessinsider.de&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8a14c5cf7d39355c088f35ebe013c53f
Content-Length: 4
Expires: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
102 B 7ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=754552884&t=pageview&_s=1&dl=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT&dp=%2F404.html%3Fpage%3D%2Fattacks-cel%3FIR%3DT%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Business%20Insider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=1130510050&gjid=932174768&cid=651365051.1588110126&tid=UA-2241657-31&_gid=271101344.1588110126&z=1973524363

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Apr 2020 20:21:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1041625
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&gjid=932174768&_gid=271101344.1588110126&_u=YGBAgUABC~&z=1509797465
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&_v=j81&z=1509797465
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&_v=j81&z=1509797465&slf_rd=1&random=2860606715

42 B
109 B

31ms
18ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&_v=j81&z=1509797465&slf_rd=1&random=2860606715

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-31&cid=651365051.1588110126&jid=1130510050&_v=j81&z=1509797465&slf_rd=1&random=2860606715
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 currency.js Show response
www.asadcdn.com/pec/ 695 B
1 KB 31ms
8ms Script
application/x-javascript 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/pec/currency.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7ef7c1bb8cba856f625a353c368ae223d632d4188477857a25e7015d0a28ee7c

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
status: 200
content-length: 695
pragma: no-cache
last-modified: Mon, 27 Apr 2020 22:34:03 GMT
server: AkamaiNetStorage
etag: "91609b966b26cd40de51f19b6fea1fcc:1588026843.240677"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:06 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 101 KB
26 KB 56ms
22ms Script
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 1615f1ff025d6fe1f52f8305bb86c36bf7ed8a8849d40936148e85a7f301437c

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 27 Apr 2020 22:12:29 GMT
content-encoding: gzip
server: Server
age: 84577
etag: 9939711bec30b55c0ff5bad3b91f63c9
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Irh0ouuOtK_JBeBuiGmO_MT-L19WkHxBylyb3fTP7ZAD1Cf8W5N3Ww==
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 2060910,2060906,2060908,2060912,2060909,2060911,2060913,2060907,2061231,5990474 Show response
ad.yieldlab.net/yp/ 154 B
859 B 57ms
22ms Script
text/javascript 104.111.241.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/2060910,2060906,2060908,2060912,2060909,2060911,2060913,2060907,2061231,5990474?&formats_2060907=101,103,104,105,109,114,119&ts=3528237849056
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 129
Expires: Mon, 27 Apr 2020 21:42:06 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 54ms
18ms Script
application/x-javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVJQXGF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.193.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-11.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:16:48 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 1517
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: CJN8DNJJBI4NEY7jOX85bFU0dVnyhK4be8KAnf3u335IwSDBrkuq7A==
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
expires: Tue, 28 Apr 2020 23:16:48 GMT

GET
H2 200 obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 25ms
19ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:37:32 GMT
server: AkamaiNetStorage
etag: "d96c66d3880781fb37c90849587edaa0:1587983852.14205"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 2563
expires: Tue, 28 Apr 2020 22:02:06 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 68ms
17ms Script
application/x-javascript 2.16.31.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-31-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 29 Apr 2020 21:42:06 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=754552884&t=pageview&_s=1&dl=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_gid=754352862.1588110126&gjid=251336763&_v=j81&z=1836385206
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_v=j81&z=1836385206
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_v=j81&z=1836385206&slf_rd=1&random=3463550434

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_v=j81&z=1836385206&slf_rd=1&random=3463550434

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2241657-14&cid=1523601114.1588110126&jid=899323271&_v=j81&z=1836385206&slf_rd=1&random=3463550434
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s.png
www.asadcdn.com/bt/ 92 B
92 B 12ms
12ms Image
image/png 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.asadcdn.com/bt/s.png?b=0
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
status: 200
content-length: 92
pragma: no-cache
last-modified: Thu, 04 Jul 2019 12:46:36 GMT
server: AkamaiNetStorage
etag: "577c1b017cfbbede59e6ab605b1375f2:1563265282.125039"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:06 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/4023085f14f5a9c9/ 260 KB
86 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/4023085f14f5a9c9/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015545864336605717175:rq6sgru8yxb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c852d77b2b93c6bf9c1d0ed52019dd893fa65577b80ac1ca9df5d767eeb1be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 17:08:58 GMT
server: sffe
age: 23622
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 88279
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:08:24 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/4023085f14f5a9c9/ 40 KB
9 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/4023085f14f5a9c9/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015545864336605717175:rq6sgru8yxb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a95d057d3fe90ee1644edbddfa370cfec43701106d45ae2efa91e8b8afffcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 15:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 17:08:58 GMT
server: sffe
age: 20819
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8776
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:55:07 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v3/ 11 KB
3 KB 26ms
9ms Stylesheet
text/css 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v3/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=015545864336605717175:rq6sgru8yxb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Nov 2019 23:30:00 GMT
server: sffe
age: 2775
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2719
x-xss-protection: 0
expires: Tue, 28 Apr 2020 21:45:51 GMT

GET
H2

200

pcs.gif
tagger.opecloud.com/asci/
Redirect Chain

https://tagger.opecloud.com/asci/pcs.gif?puid=84080406955
https://tagger.opecloud.com/asci/pcs.gif?puid=84080406955&trackability-redirect=true

35 B
414 B

26ms
26ms

Image
image/gif

3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/asci/pcs.gif?puid=84080406955&trackability-redirect=true
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ADMa OUR IND DSP NON COR"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
status: 302
vary: Accept-Encoding
p3p: CP="ADMa OUR IND DSP NON COR"
location: https://tagger.opecloud.com/asci/pcs.gif?puid=84080406955&trackability-redirect=true
cache-control: no-cache, no-store, must-revalidate
content-length: 20
expires: 0

GET
H/1.1 204
No Content m
ad.yieldlab.net/ 0
522 B 19ms
17ms Image
text/plain 104.111.241.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4575&ext_id=84080406955

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.241.250 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-241-250.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 27 Apr 2020 21:42:06 GMT

GET
H2

200

pbfs.gif
tagger.opecloud.com/adition/
Redirect Chain

https://tagger.opecloud.com/asmi/v1/pixel.gif?url=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&ref=&tz=-2&screen=1600x1200x24&tref=&cmp...
https://tagger.opecloud.com/asmi/v1/pixel.gif?tref=&url=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&tz=-2&trackability-redirect=true&r...
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ftagger.opecloud.com%2Fsmart%2Fpbfs.gif%3Fsource%3Dasmi%26state%3D2-gUeXu9HnIshEdVc2vym0E3oGfXbrdi9DW2E%253D%26puid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https%3a%2f%2ftagger.opecloud.com%2fsmart%2fpbfs.gif%3fsource%3dasmi%26state%3d2-gUeXu9HnIshEdVc2vym0E3oGfXbrdi9DW2E%253D%26puid%3d%5bsas_uid%5d&cklb=1
https://tagger.opecloud.com/smart/pbfs.gif?source=asmi&state=2-gUeXu9HnIshEdVc2vym0E3oGfXbrdi9DW2E%3D&puid=7329906998528363831
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dasmi%26state%3D2-FsIC3k9F%252FdNWXSNCfQ3dttUs%252BNx%252B3FykLyw%253D%26puid%3D%24UID
https://tagger.opecloud.com/appnexus/pbfs.gif?source=asmi&state=2-FsIC3k9F%2FdNWXSNCfQ3dttUs%2BNx%2B3FykLyw%3D&puid=2851432344238157639
https://cm.g.doubleclick.net/pixel?region=dbm-de&google_nid=1plusx_dmp&google_cm&state=2-IaUAp%2Fgl%2FrJdE2E7%2FiJ0TsulafkIs%2Fmbtvg%3D&source=asmi
https://cm.g.doubleclick.net/pixel?region=dbm-de&google_nid=1plusx_dmp&google_cm=&state=2-IaUAp%2Fgl%2FrJdE2E7%2FiJ0TsulafkIs%2Fmbtvg%3D&source=asmi&google_tc=
https://tagger.opecloud.com/dbm/opecs.gif?region=dbm-de&state=2-IaUAp%2Fgl%2FrJdE2E7%2FiJ0TsulafkIs%2Fmbtvg%3D&source=asmi&google_gid=CAESEOEwn9SWXuws4pGKTylEjwY&google_cver=1
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Ftagger.opecloud.com%2Fadition%2Fpbfs.gif%3Fsource%3Dasmi%26state%3D2-PZ6FunH7E7tauX5HqgoUoNLcc9dhXhifuW4%253D%26puid%3D%25%25COOKIE%25%25
https://tagger.opecloud.com/adition/pbfs.gif?source=asmi&state=2-PZ6FunH7E7tauX5HqgoUoNLcc9dhXhifuW4%3D&puid=6820881053645338765

35 B
211 B

14ms
14ms

Image
image/gif

3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/adition/pbfs.gif?source=asmi&state=2-PZ6FunH7E7tauX5HqgoUoNLcc9dhXhifuW4%3D&puid=6820881053645338765
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:07 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

Location: https://tagger.opecloud.com/adition/pbfs.gif?source=asmi&state=2-PZ6FunH7E7tauX5HqgoUoNLcc9dhXhifuW4%3D&puid=6820881053645338765
Date: Tue, 28 Apr 2020 21:42:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
9ms XHR
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 05:00:51 GMT
content-encoding: gzip
vary: Origin
age: 60139
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 23:46:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bOzc_3kqoe09kM_mot2Q8XmK6aR_y1SebqqDHDe39_3zlp30-k8Kgw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 43ms
42ms XHR
text/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3135&u=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&pid=RzZ1qo26olJud&cb=0&ws=1600x1200&v=7.49.02&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-superbanner%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22800x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-billboard_btf%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-sky%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-mrec%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-mrec_btf%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-mrec_btf%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22businessinsider.de-desktop-404_page-mrec_btf%22%7D%5D&cfgv=0&gdpre=1&gdprc=BOyll_POyll_PBQABBENDHAAAAAvSAAA&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.businessinsider.de
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: iGUzVldL-jrLpaquNAoFCoVmI-5DePwIz_Qy-rsoVgkswzY8USvxuw==

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
333 B 393ms
100ms Image
image/gif 64.202.112.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/pixel?marketerId=009c24843dc6a4e9edd0dceb23d3ae5cf5&obApiVersion=1.1&obtpVersion=1.1.9&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&optOut=true&bust=09066890861287662

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: image/gif;
Cache-Control: no-cache
Connection: close
X-TraceId: f326670e8db7d5eeedcbe905b87732d3
Content-Length: 60

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13194393&ns__t=1588110126392&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Business%20Insider&c7=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=13194393&ns__t=1588110126392&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Business%20Insider&c7=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%...

0
248 B

10ms
7ms

Image
text/plain

2.16.31.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13194393&ns__t=1588110126392&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Business%20Insider&c7=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&c9=
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-31-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=13194393&ns__t=1588110126392&ns_c=UTF-8&cv=3.5&c8=Page%20not%20found%20-%20Business%20Insider&c7=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&c9=
Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 328ms
106ms Image
image/gif 3.216.85.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=businessinsider.de&p=%2Fattacks-cel%3FIR%3DT&u=CKpVD6DkztiwDXtCPB&d=businessinsider.de&g=14447&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3651&t=Bnn3weB-VaWtC-8PCSCilwVavfslX&V=120&i=Page%20not%20found%20-%20Business%20Insider&tz=-120&sn=1&sv=CdBM_9S4JuKCmdyH6SKhaaBoGJQg&sd=1&im=0e030402&_
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.85.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-85-5.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 466 KB
123 KB 165ms
165ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7be6a58931bd071bca092e00e4b38aee3dc71226d7e6b294d7c926968065162c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 28 Apr 2020 21:42:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.108:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 61da1fef-1244-4206-be63-e93e55eeec7d
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
152 B 91ms
25ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=28&wv=3.17.0&cb=95912165700
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 28 Apr 2020 21:42:06 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.businessinsider.de
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 537 B
4 KB 198ms
154ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10113&site_id=245834&zone_id=1215828&size_id=2%3B9%3B15&alt_size_ids=57%2C125%3B8%2C10%3B10%2C73&p_pos=atf&gdpr=0&rf=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy%3Bhttps%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy%3Bhttps%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&kw=businessinsider.de-desktop-404_page&tg_i.domain=businessinsider.de&tg_i.plgroup=businessinsider.de-desktop-404_page&tk_flint=pbjs_lite_v3.17.0&x_source.tid=641f3a83-9e16-4f5c-9d8f-b6829b072fca%3B786a01bf-d8ca-42c9-9516-b81aae631b15%3B3f5737ff-89a6-4c51-98f9-50b1cdae308e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.019954991157364876
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 1a3f3726979efc112e0ea3b6fc59f1d03703dc0e454e07ade73c5d3af041ddb3

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=415
Content-Length: 537
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

arj Show response
axel-springer-d.openx.net/w/1.0/
Redirect Chain

https://axel-springer-d.openx.net/w/1.0/arj?ju=https://www.businessinsider.de/attacks-cel?IR=T
https://axel-springer-d.openx.net/w/1.0/arj?cc=1&ju=https://www.businessinsider.de/attacks-cel?IR=T

172 B
460 B

26ms
22ms

XHR
application/json

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://axel-springer-d.openx.net/w/1.0/arj?cc=1&ju=https://www.businessinsider.de/attacks-cel?IR=T
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: cc7b4a7e4e010d28518a22c784c0dd27919269f466938be582d2f1598368d500

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.businessinsider.de
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 28 Apr 2020 21:42:06 GMT
via: 1.1 google
server: OXGW/16.184.0
status: 302
location: https://axel-springer-d.openx.net/w/1.0/arj?cc=1&ju=https://www.businessinsider.de/attacks-cel?IR=T
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.businessinsider.de
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 129ms
72ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-smrt-d: 6%3b27%3b73
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.businessinsider.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 119ms
62ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-smrt-d: 6%3b28%3b111
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.businessinsider.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 121ms
64ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:06 GMT
x-smrt-d: 6%3b13%3b65
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.businessinsider.de
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0
expires: -1

POST
H2 200 mediaimpact_bid Show response
rtb.d.adup-tech.com/prebid/ 976 B
1 KB 84ms
28ms XHR
application/json 35.158.165.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.d.adup-tech.com/prebid/mediaimpact_bid
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.165.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-165-149.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f3fd7afd037a287f489d4365bb68d367705640cc537ed143ffa73cc70ccfde93

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
server: nginx
status: 200
access-control-max-age: 600
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
access-control-allow-origin: https://www.businessinsider.de
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Forwarded-For,X-Real-IP

POST
H2 200 mediaimpact_bid Show response
rtb.d.adup-tech.com/prebid/ 977 B
1 KB 83ms
28ms XHR
application/json 35.158.165.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.d.adup-tech.com/prebid/mediaimpact_bid
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.165.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-165-149.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 797b7ca27c56321fb7e750049bfbe840ea84bbb347dbe16f698f6a6c156e32cc

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
server: nginx
status: 200
access-control-max-age: 600
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
access-control-allow-origin: https://www.businessinsider.de
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Forwarded-For,X-Real-IP

POST
H2 200 mediaimpact_bid Show response
rtb.d.adup-tech.com/prebid/ 977 B
1 KB 83ms
29ms XHR
application/json 35.158.165.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.d.adup-tech.com/prebid/mediaimpact_bid
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.165.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-165-149.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b241f0e76fc892f302b2c57bc90d9e8621f05a7131c8e017bad39aa9aa73eb5

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
server: nginx
status: 200
access-control-max-age: 600
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
access-control-allow-origin: https://www.businessinsider.de
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Forwarded-For,X-Real-IP

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 158ms
105ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 28 Apr 2020 21:42:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.businessinsider.de

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 0
419 B 61ms
14ms XHR
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=322394&v=7.2&r={%22id%22:%222603a2f359fa67e%22,%22imp%22:[{%22id%22:%22272d1ceb697f53c%22,%22ext%22:{%22siteID%22:%22322394%22,%22sid%22:%22728x90%22},%22banner%22:{%22w%22:728,%22h%22:90,%22topframe%22:1}},{%22id%22:%2228bb03d12b7bbc9%22,%22ext%22:{%22siteID%22:%22322397%22,%22sid%22:%22800x250%22},%22banner%22:{%22w%22:800,%22h%22:250,%22topframe%22:1}},{%22id%22:%22298f4c6432a62aa%22,%22ext%22:{%22siteID%22:%22322398%22,%22sid%22:%22970x250%22},%22banner%22:{%22w%22:970,%22h%22:250,%22topframe%22:1}},{%22id%22:%2230cd9b2ff3a901d%22,%22ext%22:{%22siteID%22:%22322395%22,%22sid%22:%22160x600%22},%22banner%22:{%22w%22:160,%22h%22:600,%22topframe%22:1}},{%22id%22:%223115437caf282c6%22,%22ext%22:{%22siteID%22:%22322396%22,%22sid%22:%22300x600%22},%22banner%22:{%22w%22:300,%22h%22:600,%22topframe%22:1}},{%22id%22:%22325d42cb0b35e87%22,%22ext%22:{%22siteID%22:%22320923%22,%22sid%22:%22300x250%22},%22banner%22:{%22w%22:300,%22h%22:250,%22topframe%22:1}},{%22id%22:%223355e2c43bc6af1%22,%22ext%22:{%22siteID%22:%22322396%22,%22sid%22:%22300x600%22},%22banner%22:{%22w%22:300,%22h%22:600,%22topframe%22:1}}],%22site%22:{%22page%22:%22https://www.businessinsider.de/attacks-cel?IR=T
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Tue, 28 Apr 2020 21:42:06 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 379 B
1 KB 70ms
44ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

10ace13efa945fbe4a61b421774a2e7926b85c7f6f0a07ffe14ea6472a176a07

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:08 GMT
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.50:80
AN-X-Request-Uuid: 0e86f999-e16c-482e-b3ed-37e973893b1b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 379
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 463543,463544,463544,463537,463541,463540,463539,463546,463541,463536 Show response
ad.yieldlab.net/yp/ 2 B
1 KB 106ms
106ms XHR
application/json 104.111.241.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.yieldlab.net/yp/463543,463544,463544,463537,463541,463540,463539,463546,463541,463536?ts=1588110126536&json=true&gdpr=false
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.250 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:06 GMT
Content-Encoding: gzip
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Language: en-US
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length: 28
Expires: Mon, 27 Apr 2020 21:42:06 GMT

GET
H2 200 oneTag.js Show response
www.asadcdn.com/adlib/templates/ 11 KB
4 KB 18ms
14ms Script
application/x-javascript 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/adlib/templates/oneTag.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a170b35a5551956dc024a7055f3e902344dbfaa056632d2877563551b7ed99a2

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 3561
pragma: no-cache
last-modified: Mon, 27 Apr 2020 12:49:27 GMT
server: AkamaiNetStorage
etag: "b20d41f84436d201cc3afc7f785dafe7:1587991767.756363"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:06 GMT

GET
H2 200 mediation.js Show response
www.asadcdn.com/adlib/extensions/ Frame 202F 21 KB
8 KB 12ms
10ms Script
application/x-javascript 2.21.79.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.asadcdn.com/adlib/extensions/mediation.js
Requested by: Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.79.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-79-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85464cf3a92848756b19d9dc0981f9c9c8c1ffef438f071c1d505b7e4b356af3

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 7224
pragma: no-cache
last-modified: Wed, 19 Feb 2020 12:06:44 GMT
server: AkamaiNetStorage
etag: "cad51f4be108da8c4b58fca4c11a63d6:1582114004.616828"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 28 Apr 2020 21:42:06 GMT

GET
H/1.1 200
OK log_req
fra1-ib.adnxs.com/mediation/v2/ Frame 202F 0
813 B 43ms
9ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/mediation/v2/log_req?info=LwAAAAMABQEFAQiwxqL1BRC26JrCzvLA7nsYjz0hg_qWOV0WK0AoiJKJaDA3OAA.&s=f5be0b6768ac984a4e9b2c37a3a589eb2444a6d4

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:08 GMT
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid: fff4ccc5-5a2b-408e-b43b-f49b62d527c4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8598 43 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.businessinsider.de
URL: https://www.businessinsider.de/attacks-cel?IR=T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

035b2b00b4ebf3e8c6ab0692a07eab9719cae717a900c853d42be7de303a7013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "500 / 835 of 1000 / last-modified: 1588103688"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14513
x-xss-protection: 0
expires: Tue, 28 Apr 2020 21:42:06 GMT

GET
H2 200 pubads_impl_2020042302.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8598 237 KB
86 KB 81ms
44ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:07:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 87243
x-xss-protection: 0
expires: Tue, 28 Apr 2020 21:42:06 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 8598 113 B
178 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.businessinsider.de

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8598 57 KB
16 KB 419ms
418ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4470175820571816&correlator=456250046756254&output=ldjh&impl=fif&eid=21065203&vrg=2020042302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200428&iu_parts=113349434%2Cbusinessinsider.de%2Cdesktop%2C404_page%2Csuperbanner&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C728x600%7C800x250%7C970x250%7C1000x600&prev_scp=aduptech%3Daduptech_970x250_10%26hb_adid%3D50ab97caf2838da%26hb_repo%3Dsuperbanner%25C2%25A7aduptech%25C2%25A7970x250%26hb_w%3D970%26hb_h%3D250%26hb_size%3D970x250%26hb_price%3D10%26hb_bidder%3Daduptech%26hb_mediaType%3Dbanner%26target%3D%2CnetSpeed%253Dfast%252C119%2C%26prgrnd%3D56%26contId_prgrnd%3Dsuperbanner_56%26branch%3Dmaster%26netSpeed%3D119%26miSlot%3Dsuperbanner%26anhb%3Danhb_2&eri=6&cookie_enabled=1&cdm=www.businessinsider.de&bc=31&abxe=1&lmt=1588110127&dt=1588110127014&dlt=1588110126803&idt=183&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3759357361&ucis=en6vhw9xr75l&ifi=1&ifk=2228859536&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&loc=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT&top=www.businessinsider.de&dssz=4&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1523601114.1588110126&ga_sid=1588110127&ga_hid=1001767431&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8c25f55bab871bb07749fbc9759df059358f47ac3276daa996870d2ade5470ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 15955
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.businessinsider.de
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8598 0
0 6ms
6ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5DCE 0
0 12ms
9ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.businessinsider.de/attacks-cel?IR=T
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.businessinsider.de/attacks-cel?IR=T

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 27 Apr 2020 16:38:35 GMT
expires: Tue, 27 Apr 2021 16:38:35 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 104612
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8598 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587986955147099"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28343
x-xss-protection: 0
expires: Tue, 28 Apr 2020 21:42:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8598 7 KB
5 KB 22ms
17ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41164031572bc6943be0408a58890f859eebce1721bcafc8621079797b1d4f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Apr 2020 21:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5489
x-xss-protection: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/185/ Frame 8598 77 KB
29 KB 50ms
17ms Script
application/x-javascript 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/185/trk.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/extensions/mediation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5525eaacb6b3ca8084e83288d385910cdedf0f603eeb46cf48304ae04062b038

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Mar 2020 10:08:10 GMT
Server: Apache
ETag: "dbf324afd20a30f16a56d3a5b78cede2:1585044492"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *, *, *, *, *, *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29353
Expires: Wed, 28 Apr 2021 21:42:07 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 202F 0
657 B 33ms
33ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&e=wqT_3QKlCaClBAAAAwDWAAUBCLDGovUFELbomsLO8sDuexgAKjYJg_qWOV0WK0ARgw0JJBkAAABgZmYrQCERGwApEQn08gExAAAAQOH6KkAw56DKCDiPPUCPPUgCUIiSiWhYgP1NYABoh5FneNSOBYABAYoBA1VTRJIBA0VVUpgBoAagAfoBqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEvYnVzaW5lc3NpbnNpZGVyLmRlLWRlc2t0b3AtNDA0X3BhZ2Utc3VwZXJiYW5uZXKKAjx1ZignYScsIDIxOTEwODQsIDE1ODgxMTAxMjgpO3VmKCdyJywgMjE4MjUzNTc2LCAxNTg4MTEwMTI4KTuSAoUDIVpVZzBKZ2pPMUs0VEVJaVNpV2dZQUNDQV9VMHdBRGdBUUFSSWp6MVE1NkRLQ0ZnQVlQX19fXzhQYUFCd0FYZ0JnQUVCaUFFQmtBRUJtQUVCb0FFQnFBRURzQUVBdVFGd1dZWE5BQUFwUU1FQjJ2VWxobDBXSzBESkFRQUFBQUFBQVBBXzJRR2Jjb1YzdVlqdFAtQUJBSmdDQUtBQ0FMVUNBQUFBQUwwQ0FBQUFBTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYWdEenRTdUU3b0RDVVpTUVRFNk16a3hNZUFEcVItSUJBQ1FCQUNZQkFIQkJBQUFBQUFBQUFBQXlRUUFBQUFBQUFBQUFOZ0VBUEVFQUFBQUFBAR9UQ0lCY2NlcVFXYmNvVjN1WWp0UDdFRgEaCQEMREJCUQkKAQEIeVFVAQcJAQBOMigAAFouKABMNEFXQTFWSS6aAokBIXlCRjdoZ2oyiQEoZ1AxTklBUW9BREUJTZBBQXBRRG9KUmxKQk1Ub3pPVEV4UUtrZlNadHloWGU1aU8wX1VRESsIQUFXHZUAWR0MAGEdDABjHQxwZUFBLtgCl2zgAoWFRuoCWmh0dHBzOi8vd3d3LmJCnAL0FwEvYXR0YWNrcy1jZWw_SVI9VCMxNjA7cGhvbmUtdG93ZXJzLWNvcm9uYXZpcnVzLTVnLWNvbnNwaXJhY3mAAwGIAwGQAwCYAxegAwGqAwDAA6wCyAMB2APRrm3gAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBAs4My45Ny4yMy4zNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjc4MjMjRlJBMTozOTEx2gQCCAHgBAHwBIiSiWiIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWQigj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGgCjaBhYKEAAABRIVAZwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JAAAAAAAAAAAQABgA&s=a7cd7eb23035bcd2743a03d904e47c0ed051e8af

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:09 GMT
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid: 0dfedfe1-413b-43f5-a9c8-04efe2d7fbe2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK log_resp
fra1-ib.adnxs.com/mediation/v2/ Frame 202F 0
658 B 44ms
15ms Image
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/mediation/v2/log_resp?info=LwAAAAMABQEFAQiwxqL1BRC26JrCzvLA7nsYjz0hg_qWOV0WK0AoiJKJaDA3OAA.&s=f5be0b6768ac984a4e9b2c37a3a589eb2444a6d4&reason=0&latency=670

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:09 GMT
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.178:80
AN-X-Request-Uuid: e9d963a6-fc80-4cc8-bd97-2ff5dda45c29
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8598 14 KB
5 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 28 Apr 2020 21:42:07 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 8598 0
687 B 26ms
25ms Other
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&e=wqT_3QKlCaClBAAAAwDWAAUBCLDGovUFELbomsLO8sDuexgAKjYJg_qWOV0WK0ARgw0JJBkAAABgZmYrQCERGwApEQn08gExAAAAQOH6KkAw56DKCDiPPUCPPUgCUIiSiWhYgP1NYABoh5FneNSOBYABAYoBA1VTRJIBA0VVUpgBoAagAfoBqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEvYnVzaW5lc3NpbnNpZGVyLmRlLWRlc2t0b3AtNDA0X3BhZ2Utc3VwZXJiYW5uZXKKAjx1ZignYScsIDIxOTEwODQsIDE1ODgxMTAxMjgpO3VmKCdyJywgMjE4MjUzNTc2LCAxNTg4MTEwMTI4KTuSAoUDIVpVZzBKZ2pPMUs0VEVJaVNpV2dZQUNDQV9VMHdBRGdBUUFSSWp6MVE1NkRLQ0ZnQVlQX19fXzhQYUFCd0FYZ0JnQUVCaUFFQmtBRUJtQUVCb0FFQnFBRURzQUVBdVFGd1dZWE5BQUFwUU1FQjJ2VWxobDBXSzBESkFRQUFBQUFBQVBBXzJRR2Jjb1YzdVlqdFAtQUJBSmdDQUtBQ0FMVUNBQUFBQUwwQ0FBQUFBTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYWdEenRTdUU3b0RDVVpTUVRFNk16a3hNZUFEcVItSUJBQ1FCQUNZQkFIQkJBQUFBQUFBQUFBQXlRUUFBQUFBQUFBQUFOZ0VBUEVFQUFBQUFBAR9UQ0lCY2NlcVFXYmNvVjN1WWp0UDdFRgEaCQEMREJCUQkKAQEIeVFVAQcJAQBOMigAAFouKABMNEFXQTFWSS6aAokBIXlCRjdoZ2oyiQEoZ1AxTklBUW9BREUJTZBBQXBRRG9KUmxKQk1Ub3pPVEV4UUtrZlNadHloWGU1aU8wX1VRESsIQUFXHZUAWR0MAGEdDABjHQxwZUFBLtgCl2zgAoWFRuoCWmh0dHBzOi8vd3d3LmJCnAL0FwEvYXR0YWNrcy1jZWw_SVI9VCMxNjA7cGhvbmUtdG93ZXJzLWNvcm9uYXZpcnVzLTVnLWNvbnNwaXJhY3mAAwGIAwGQAwCYAxegAwGqAwDAA6wCyAMB2APRrm3gAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBAs4My45Ny4yMy4zNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjc4MjMjRlJBMTozOTEx2gQCCAHgBAHwBIiSiWiIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWQigj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGgCjaBhYKEAAABRIVAZwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JAAAAAAAAAAAQABgA&s=a7cd7eb23035bcd2743a03d904e47c0ed051e8af&type=nv&nvt=5&jm=1003&px=185&py=75&bw=970&bh=250&sid=4305081691065782391&vd=ct~0|rr~0&sv=185&tv=view7-1hs&ua=chrome52&pl=mac&x=v&tag_id=17993831&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/185/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:09 GMT
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.108:80
AN-X-Request-Uuid: 76ade901-1f1a-4c6b-a2ab-5dcae7e097e1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C9F4 0
0 18ms
18ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.businessinsider.de/attacks-cel?IR=T
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.businessinsider.de/attacks-cel?IR=T

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 28 Apr 2020 21:18:17 GMT
expires: Wed, 28 Apr 2021 21:18:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1430
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
216 B 105ms
37ms Image
image/gif 34.248.164.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:927274&sessionId:47ca5925-7ced-03a3-3d6b-91194036a5d8&err:responsetime%3A314%26probability%3A10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.164.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-164-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:07 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8598 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042302&jk=4470175820571816&bg=!2dql2sJYE8E5zWI2Ho0CAAAAYVIAAAAUmQG-M7n6eh7QI7QVsCVwoVhdkw0vQcrOjDaQt6GldLkGPY5IemMYlb1WSV8F1hO9qZ8Auxrev0bsb1ARZfSwTT8tcfypNBRZi9R80Z-rXuMoBSIZFXEka_-Rglv4s1LniNMXEuvpTbge_jr3FQYNSBHi_QAYD2UgIMIafLWJ6zwk_9wPUYbvbpSXmtzkNTPGUH34jJ_khmwHRRa4sBg-bW9V2fRVgAq7meYQqZahVU68D1_CvP6XF_RFkVmdeu1PKlU0XQbCwnz37Ue_INBWOmAYvbysMwTpYzZjrWt2J-BOC3BMZjFhKWFDqD67gTOYGut1zQhtjfAXyvlDp47LUrqoLG6tC8nvAQGK6ilv53Cqu4c_PC0tsRZQlxa4d0XGwilyICpHISV_ulxkeTa0sUZczUwk56KOnvsdE9Hgxfg678qos3cWXdXB5BRODR-Tcwd11WV-PWnpRCGdS1m4b2xBZ7tR0x5bjRjs6Nq5VyUTl-yRJoKGOCPgogHFk4tCANhSKO9AsH06X4wDemXlw2L1qwtvZvTZJKR75Zbt7TyFEOuQA8e2mwsNCvdQQe3XX4yw1ASDnO5CvdjQZOERX94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 8598 0
687 B 8ms
8ms Other
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.businessinsider.de%2Fattacks-cel%3FIR%3DT%23160%3Bphone-towers-coronavirus-5g-conspiracy&e=wqT_3QKlCaClBAAAAwDWAAUBCLDGovUFELbomsLO8sDuexgAKjYJg_qWOV0WK0ARgw0JJBkAAABgZmYrQCERGwApEQn08gExAAAAQOH6KkAw56DKCDiPPUCPPUgCUIiSiWhYgP1NYABoh5FneNSOBYABAYoBA1VTRJIBA0VVUpgBoAagAfoBqAEGsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEA-gEvYnVzaW5lc3NpbnNpZGVyLmRlLWRlc2t0b3AtNDA0X3BhZ2Utc3VwZXJiYW5uZXKKAjx1ZignYScsIDIxOTEwODQsIDE1ODgxMTAxMjgpO3VmKCdyJywgMjE4MjUzNTc2LCAxNTg4MTEwMTI4KTuSAoUDIVpVZzBKZ2pPMUs0VEVJaVNpV2dZQUNDQV9VMHdBRGdBUUFSSWp6MVE1NkRLQ0ZnQVlQX19fXzhQYUFCd0FYZ0JnQUVCaUFFQmtBRUJtQUVCb0FFQnFBRURzQUVBdVFGd1dZWE5BQUFwUU1FQjJ2VWxobDBXSzBESkFRQUFBQUFBQVBBXzJRR2Jjb1YzdVlqdFAtQUJBSmdDQUtBQ0FMVUNBQUFBQUwwQ0FBQUFBTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYWdEenRTdUU3b0RDVVpTUVRFNk16a3hNZUFEcVItSUJBQ1FCQUNZQkFIQkJBQUFBQUFBQUFBQXlRUUFBQUFBQUFBQUFOZ0VBUEVFQUFBQUFBAR9UQ0lCY2NlcVFXYmNvVjN1WWp0UDdFRgEaCQEMREJCUQkKAQEIeVFVAQcJAQBOMigAAFouKABMNEFXQTFWSS6aAokBIXlCRjdoZ2oyiQEoZ1AxTklBUW9BREUJTZBBQXBRRG9KUmxKQk1Ub3pPVEV4UUtrZlNadHloWGU1aU8wX1VRESsIQUFXHZUAWR0MAGEdDABjHQxwZUFBLtgCl2zgAoWFRuoCWmh0dHBzOi8vd3d3LmJCnAL0FwEvYXR0YWNrcy1jZWw_SVI9VCMxNjA7cGhvbmUtdG93ZXJzLWNvcm9uYXZpcnVzLTVnLWNvbnNwaXJhY3mAAwGIAwGQAwCYAxegAwGqAwDAA6wCyAMB2APRrm3gAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBAs4My45Ny4yMy4zNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjc4MjMjRlJBMTozOTEx2gQCCAHgBAHwBIiSiWiIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWQigj6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGgCjaBhYKEAAABRIVAZwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JAAAAAAAAAAAQABgA&s=a7cd7eb23035bcd2743a03d904e47c0ed051e8af&type=pv&jm=1003|1161&px=185&py=75&bw=970&bh=250&sf=1&sid=4305081691065782391&vd=ct~0|rr~6&sv=185&tv=view7-1hs&ua=chrome52&pl=mac&x=v&tag_id=17993831&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/185/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Apr 2020 21:42:10 GMT
X-Proxy-Origin: 83.97.23.35; 83.97.23.35; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid: 87c193ad-40b8-47d0-8a44-0c2bc77bc97b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.businessinsider.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 67 KB
21 KB 17ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: www.asadcdn.com
URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 28 Apr 2020 21:42:09 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:42 GMT
server: nginx
etag: W/"5ea153d6-10c8e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 29 Apr 2020 21:42:09 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=45b3fc61-b356-4cd1-baa1-1e327a9dc3e3&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=45b3fc61-b356-4cd1-baa1-1e327a9dc3e3&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJXF5OmZBBX7XPOv2a6Z7WU&google_cver=1

43 B
117 B

17ms
16ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJXF5OmZBBX7XPOv2a6Z7WU&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:09 GMT
via: 1.1 google
server: OXGW/16.184.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Apr 2020 21:42:09 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJXF5OmZBBX7XPOv2a6Z7WU&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156678&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?p=156678&gdpr=0&gdpr_consent=&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESELQueRHDI7gg-oXt-UsT0u8&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
539 B

21ms
21ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 28 Apr 2020 21:42:09 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: image

Redirect headers

Date: Tue, 28 Apr 2020 21:42:09 GMT
X-lat: Pug22004:0:543
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
X-Cnection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 398

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 337ms
93ms Image
image/gif 18.214.54.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=businessinsider.de&p=%2Fattacks-cel%3FIR%3DT&u=CKpVD6DkztiwDXtCPB&d=businessinsider.de&g=14447&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3651&t=Bnn3weB-VaWtC-8PCSCilwVavfslX&V=120&tz=-120&sn=2&sv=CdBM_9S4JuKCmdyH6SKhaaBoGJQg&sd=1&im=0e030402&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.54.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-54-249.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.businessinsider.de/attacks-cel?IR=T
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 28 Apr 2020 21:42:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.asadcdn.com/	1970-01-19 09:09:56	Name: akaas_ABTest-noad Value: 1588196526~rv=65~id=ba6b69ce1310a0b98cae917f5c1cfed4
www.businessinsider.de/	1970-01-19 09:08:31	Name: _cb_svref Value: null
www.businessinsider.de/	1970-01-19 18:37:18	Name: _cb Value: CKpVD6DkztiwDXtCPB
.businessinsider.de/	1978-01-11 21:31:40	Name: springBID Value: 895015771991578172
.businessinsider.de/	1970-01-19 09:09:56	Name: _gid Value: GA1.2.754352862.1588110126
www.businessinsider.de/	1970-01-19 18:37:18	Name: _chartbeat2 Value: .1588110126406.1588110126406.1.CdBM_9S4JuKCmdyH6SKhaaBoGJQg.1
www.businessinsider.de/	1970-01-19 18:37:18	Name: _cb_ls Value: 1
.businessinsider.de/	1970-01-19 09:08:30	Name: _gat_UA-2241657-14 Value: 1
.businessinsider.de/	1970-01-20 02:39:42	Name: _ga Value: GA1.2.1523601114.1588110126
.businessinsider.de/	1978-01-11 21:31:40	Name: nexusId Value: 895015771991578172

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3(Line 1) Message: %cAdLib v3.1.2 loaded background-color:#4a0859;color:#fff;padding:3px;
console-api	info	URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3(Line 1) Message: AST library loaded: 0.29.0
console-api	error	URL: https://www.asadcdn.com/adlib/pages/businessinsider.js?ver=5.3(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://www.asadcdn.com/adlib/extensions/mediation.js(Line 1) Message: anx-mediation %cSUCCESS color: green
console-api	log	URL: https://www.asadcdn.com/adlib/extensions/mediation.js(Line 1) Message: anx-mediation: %cSUCCESS %ccreative ids 218253576 color: green color: black
console-api	log	URL: https://www.asadcdn.com/adlib/extensions/mediation.js(Line 1) Message: anx-mediation: INIT --
console-api	log	URL: https://www.asadcdn.com/adlib/extensions/mediation.js(Line 1) Message: anx-mediation: SUCCESS 670ms
console-api	log	URL: https://www.asadcdn.com/adlib/extensions/mediation.js(Line 1) Message: console.groupEnd
console-api	log	URL: https://www.asadcdn.com/adlib/extensions/mediation.js(Line 1) Message: console.groupEnd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.yieldlab.net
adservice.google.de
amplify.outbrain.com
as-sec.casalemedia.com
axel-springer-d.openx.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.adnxs.com
cdn.c-i.as
cm.g.doubleclick.net
cse.google.com
de.ioam.de
dsp.adfarm1.adition.com
eu-u.openx.net
fastlane.rubiconproject.com
fra1-ib.adnxs.com
h.df-srv.de
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
irqs.ioam.de
log.outbrainimg.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
prg.smartadserver.com
profiles.tagger.opecloud.com
rtb.d.adup-tech.com
sb.scorecardresearch.com
script.ioam.de
secure.adnxs.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cleverpush.com
static.criteo.net
stats.g.doubleclick.net
sync.smartadserver.com
tagger.opecloud.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
tr.outbrain.com
unpkg.com
us-u.openx.net
vendorlist.consensu.org
widgets.outbrain.com
www.asadcdn.com
www.businessinsider.com
www.businessinsider.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.111.241.250
13.224.193.11
13.225.86.250
151.101.13.108
151.101.13.171
172.217.16.130
172.217.21.226
178.250.2.152
18.214.54.249
185.64.189.110
185.64.189.112
185.64.190.79
185.86.138.114
185.86.139.95
193.46.63.75
2.16.31.65
2.21.79.18
23.210.248.65
23.210.249.164
23.210.249.83
23.210.250.44
2600:9000:21f3:f800:1:af78:4c0:93a1
2606:4700:10::6816:429a
2606:4700:3033::681b:a280
2606:4700::6810:7aaf
2a00:1450:4001:808::200e
2a00:1450:4001:815::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9b
2a02:2638::3
3.126.112.135
3.216.85.5
34.248.164.240
34.95.120.147
35.158.165.149
35.186.239.85
37.252.172.38
37.252.173.22
37.252.173.27
52.58.104.66
64.202.112.63
69.173.144.143
85.114.159.93
91.215.103.64
91.215.103.65
93.190.69.241
026b2a1b92123d0d1be22b2f3ad8aabf10a7c90bb921f33792e2fde41fc4d20a
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
035b2b00b4ebf3e8c6ab0692a07eab9719cae717a900c853d42be7de303a7013
03bbf9e10aec22369db8b313a649c190ae30e0ca12a7cdb704b512e5559db505
04e3501d88133593f3c40bafaf9819834fa3c651110be1aabc2ab7e1b5af0c98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a95d057d3fe90ee1644edbddfa370cfec43701106d45ae2efa91e8b8afffcec
0b2f111bc173989d8382fc8aa762880a4cc1b486719ef0afd506381692e0a649
0b3678d81937a06cba82b9b8d1b69a6e60c1133246d9798e681bf3908aa390bc
0bdda96858933db76979b062926fc3adcf1108a88fdec7602567b0b412740bd8
10ace13efa945fbe4a61b421774a2e7926b85c7f6f0a07ffe14ea6472a176a07
1615f1ff025d6fe1f52f8305bb86c36bf7ed8a8849d40936148e85a7f301437c
1a3f3726979efc112e0ea3b6fc59f1d03703dc0e454e07ade73c5d3af041ddb3
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
21e4c693a76ff62ecedd88944ac1aa6da95ea7eadb8ee33237a22ea63a188d8b
2b241f0e76fc892f302b2c57bc90d9e8621f05a7131c8e017bad39aa9aa73eb5
2e23e8eb4fec82aac41332bbbd514ebe4f7681424a500bde82efc566057603c3
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
41164031572bc6943be0408a58890f859eebce1721bcafc8621079797b1d4f17
43fbafd9f9ecb62e74f7bec9f1fa005c5fabd2efe8511d16c254e57697b96c08
4516ec7d5df28b8711c99488aac11b977244d66342f5f589658c5f0831147805
4deb575369f8d3baa76f0a03a9c2370c2104505aea8f8e3818b72c1cd9e403cd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51c56935854bed13b06e04dd8a756cb635edca2f98d1f55b3608ecc200162426
5525eaacb6b3ca8084e83288d385910cdedf0f603eeb46cf48304ae04062b038
5c852d77b2b93c6bf9c1d0ed52019dd893fa65577b80ac1ca9df5d767eeb1be6
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
66f2274b8c470d0e1eab153eede31f493055184eafb90a105d59511e39522286
68edd104fc66f0d2b21271238e814185b2da731be9ab352d2ee3eff80cac1e7a
69bd6d09cd63366b9cec049dd5394ba7c0670c358a6bf259da66c3e1fbc6eaf5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
797b7ca27c56321fb7e750049bfbe840ea84bbb347dbe16f698f6a6c156e32cc
7be6a58931bd071bca092e00e4b38aee3dc71226d7e6b294d7c926968065162c
7bfe6fb037e2582130679c2d94d1e9efb1948538a0c8f32b3fc95d6a78f4554d
7ef7c1bb8cba856f625a353c368ae223d632d4188477857a25e7015d0a28ee7c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85464cf3a92848756b19d9dc0981f9c9c8c1ffef438f071c1d505b7e4b356af3
8c25f55bab871bb07749fbc9759df059358f47ac3276daa996870d2ade5470ed
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979
9ceaa25ec7654a66294c16e28989fbf1ecb9cebc9debe96ec597529465c7cd50
9efa53ec1a261a8576a66a71befaf9d03c1a108aac36271f4599b87597b8a71e
a170b35a5551956dc024a7055f3e902344dbfaa056632d2877563551b7ed99a2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a92c1f1674c0d44b578d076451887d391914abbeeb912f5d59e9f0d009131de8
ae7b699deca17ac850f261b86f857894811126dcb526df2c68b0d46625acfb9d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
bcb91cd80522c17f52a0f0163112a2983498f9fbc7c70917ed401a6a9413bf2c
c045b39fc0bc7a7e938fcc01bf947cfc302ce7c3c39cd2a7b279f58252c434ad
c3c93bf4dea7bc196bf74ad474951d8ff300198f95198fe8ec3e1c6ae41c5e81
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
c6b50285a55123287bc3e80226395b02191babe9fa5ce76f75ed29a8d720485e
cbbe8214de424f2c3055511e4134d7b43cefc0db3cf20f38cda93256a9faca16
cc7b4a7e4e010d28518a22c784c0dd27919269f466938be582d2f1598368d500
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
da5956eb40499755436091829dc92f137f6a7d076a34df1aed00e74ca4689141
e054f0f119165d113b897a7e0f59cd86bcdc81f3356cc3a8f726c499a6a9edf4
e2e2285645a6c1451bfb6784084d560719b2891aebc8845d28f9f93c69a31460
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a82586415fcb0f4fee3d92160bd08f8818edde3753d713129622f998a626ad
f3fd7afd037a287f489d4365bb68d367705640cc537ed143ffa73cc70ccfde93
f8b4fde7be3fa99a858afd07083567eb8bc37a638eb2ca3ee1b8d67d5dcba395
fc24feae2aa7c6dd7a875f614c86945e731a91c8f4723cf602faa5ac7a1a05a2
fcc4bd2980862773a80339fe80f550c6f2a6f8cc0205bf01f287a00155f0aae2

www.businessinsider.de Open in urlscan Pro 2606:4700:10::6816:429a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

98 Requests

100 %HTTPS

26 %IPv6

35 Domains

55 Subdomains

43 IPs

8 Countries

1232 kBTransfer

3505 kBSize

10 Cookies

13 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.businessinsider.de Open in urlscan Pro
2606:4700:10::6816:429a Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

26 %
IPv6

35
Domains

55
Subdomains

43
IPs

8
Countries

1232 kB
Transfer

3505 kB
Size

10
Cookies

98 HTTP transactions
0 data transactions