13.58.185.233 Open in urlscan Pro
13.58.185.233 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://13.58.185.233/
Submission: On August 29 via manual (August 29th 2023, 5:47:44 pm UTC) from US — Scanned from DE

Summary HTTP 240 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 53 domains to perform 240 HTTP transactions. The main IP is 13.58.185.233, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is 13.58.185.233.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 26th 2023. Valid for: a year.

This is the only time 13.58.185.233 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	13.58.185.233 13.58.185.233	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
14	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2607:fc48:bc4... 2607:fc48:bc4b::bc:238	40009 (BITGRAVITY) (BITGRAVITY)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:e30... 2a02:26f0:e300:184::5cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 15	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 4	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 20	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	52.50.102.52 52.50.102.52	16509 (AMAZON-02) (AMAZON-02)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	67.220.226.234 67.220.226.234	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8 18	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	52.31.175.73 52.31.175.73	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.198.150.240 54.198.150.240	14618 (AMAZON-AES) (AMAZON-AES)
3 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:999f:1d55:f8df:b156	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:220... 2600:9000:2204:2e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	54.158.55.205 54.158.55.205	() ()
1 2	151.101.2.49 151.101.2.49	() ()
1 1	82.145.213.8 82.145.213.8	() ()
1 1	35.214.193.250 35.214.193.250	() ()
1	2606:4700:10:... 2606:4700:10::ac43:db6	() ()
1 2	77.243.51.121 77.243.51.121	() ()
2 3	18.192.109.4 18.192.109.4	() ()
2 2	52.51.131.236 52.51.131.236	() ()
240	73

20 13.58.185.233 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-185-233.us-east-2.compute.amazonaws.com

13.58.185.233	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:fc48:bc4b::bc:238 (United States)

ASN40009 (BITGRAVITY, US)

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:e300:184::5cb (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

assets.telegraphindia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

abp-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.39.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.102.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-102-52.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.234 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.198.150.240 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-150-240.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:999f:1d55:f8df:b156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:8806:12::1370 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Weil am Rhein, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:2e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.55.205 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.193.250 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (None, )

ASN- ()

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (None, ) 1 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.109.4 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.131.236 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	230 KB
34	googlesyndication.com 1 redirects tpc.googlesyndication.com — Cisco Umbrella Rank: 155 pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com	284 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9904 csm.eu.criteo.net — Cisco Umbrella Rank: 9439	118 KB
20	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 990 trc.taboola.com — Cisco Umbrella Rank: 629 trc-events.taboola.com — Cisco Umbrella Rank: 2041 am-trc-events.taboola.com — Cisco Umbrella Rank: 15028 images.taboola.com — Cisco Umbrella Rank: 1861 pips.taboola.com — Cisco Umbrella Rank: 1720 cds.taboola.com — Cisco Umbrella Rank: 1922	256 KB
19	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 547 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 557 image6.pubmatic.com — Cisco Umbrella Rank: 769 image2.pubmatic.com — Cisco Umbrella Rank: 875 simage2.pubmatic.com — Cisco Umbrella Rank: 797 t.pubmatic.com — Cisco Umbrella Rank: 2718 simage4.pubmatic.com — Cisco Umbrella Rank: 1267	161 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	260 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	219 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 609 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 484 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594 dsum.casalemedia.com — Cisco Umbrella Rank: 1493	6 KB
7	criteo.com gum.criteo.com — Cisco Umbrella Rank: 435 dis.criteo.com — Cisco Umbrella Rank: 626 ads.eu.criteo.com — Cisco Umbrella Rank: 9359 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15639 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10517	60 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com — Cisco Umbrella Rank: 587 secure.adnxs.com — Cisco Umbrella Rank: 465	21 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 3259 dclk-match.dotomi.com — Cisco Umbrella Rank: 3135 pubmatic-match.dotomi.com	490 B
4	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3398 c1.adform.net — Cisco Umbrella Rank: 597	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2664	3 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071 s.amazon-adsystem.com — Cisco Umbrella Rank: 320	3 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 360	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	327 KB
3	bidswitch.net 2 redirects x.bidswitch.net	1023 B
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 771	823 B
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	1 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 24109 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26137	899 B
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412	361 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	142 KB
3	telegraphindia.com assets.telegraphindia.com — Cisco Umbrella Rank: 178814	218 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	3 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16652	74 KB
2	avct.cloud 2 redirects ads.avct.cloud	1 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net	772 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1339	447 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 565	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1700	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 864	943 B
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 798	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 696 cdn.indexww.com — Cisco Umbrella Rank: 1662	2 KB
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2555 sync.crwdcntrl.net — Cisco Umbrella Rank: 803	583 B
2	openx.net abp-d.openx.net — Cisco Umbrella Rank: 316546 rtb.openx.net — Cisco Umbrella Rank: 782	624 B
2	affinitymatrix.com cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 38742	25 KB
1	zeotap.com mwzeom.zeotap.com	439 B
1	loopme.me 1 redirects csync.loopme.me	226 B
1	opera.com 1 redirects t.adx.opera.com	555 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12244	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1849	582 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1251	574 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 364	457 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 11581
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 800	610 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 411	684 B
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
240	53

	Domain	Requested by
20	tpc.googlesyndication.com	1 redirects ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net 13.58.185.233 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
18	cm.g.doubleclick.net	8 redirects 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
15	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net 13.58.185.233 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
13	imageproxy.eu.criteo.net	ads.eu.criteo.com
11	pagead2.googlesyndication.com	tpc.googlesyndication.com securepubads.g.doubleclick.net 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com 13.58.185.233
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	static.criteo.net	ads.eu.criteo.com
8	cdn.taboola.com	13.58.185.233 cdn.taboola.com
6	simage2.pubmatic.com	ads.pubmatic.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	1 redirects tpc.googlesyndication.com 13.58.185.233 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	match.adsrvr.org	ads.pubmatic.com ssum-sec.casalemedia.com 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
4	ib.adnxs.com	1 redirects ads.pubmatic.com acdn.adnxs.com
4	ad.doubleclick.net	2 redirects 13.58.185.233
4	trc.taboola.com	cdn.taboola.com
4	www.googletagmanager.com	13.58.185.233 www.googletagmanager.com
3	x.bidswitch.net	2 redirects
3	onetag-sys.com	2 redirects 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
3	c1.adform.net	2 redirects ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	am-trc-events.taboola.com	cdn.taboola.com 13.58.185.233
3	gum.criteo.com	cdn.taboola.com ads.pubmatic.com
3	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagservices.com	13.58.185.233 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
3	assets.telegraphindia.com	13.58.185.233
3	ads.pubmatic.com	13.58.185.233 ads.pubmatic.com
3	fonts.googleapis.com	13.58.185.233 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3	cdn.izooto.com	13.58.185.233 cdn.izooto.com
2	ads.avct.cloud	2 redirects
2	uipglob.semasio.net	1 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	sync.teads.tv	1 redirects 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	www.googleadservices.com
2	sync.mathtag.com	2 redirects
2	dclk-match.dotomi.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
2	encrypted-tbn1.gstatic.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	cr.frontend.weborama.fr	2 redirects
2	cms.quantserve.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	images.taboola.com	13.58.185.233
2	cdn4-hbs.affinitymatrix.com	13.58.185.233 cdn4-hbs.affinitymatrix.com
1	pubmatic-match.dotomi.com
1	mwzeom.zeotap.com
1	csync.loopme.me	1 redirects
1	t.adx.opera.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	m.exactag.com	13.58.185.233
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.fr3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ads.eu.criteo.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
1	cds.taboola.com	cdn.taboola.com
1	encrypted-tbn2.gstatic.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
1	encrypted-tbn3.gstatic.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
1	www.gstatic.com	12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	13.58.185.233
1	pips.taboola.com	cdn.taboola.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	js-sec.indexww.com	ads.pubmatic.com
1	acdn.adnxs.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	htlb.casalemedia.com	ads.pubmatic.com
1	abp-d.openx.net	ads.pubmatic.com
1	trc-events.taboola.com	cdn.taboola.com
0	match.adsby.bidtheatre.com Failed
240	94

This site contains links to these domains. Also see Links.

Domain
epaper.telegraphindia.com
totalbattle.com
popup.taboola.com
www.telegraphindia.com
play.google.com
apps.apple.com
www.facebook.com
twitter.com
www.instagram.com
news.google.com
www.anandabazar.com

Subject Issuer	Validity	Valid
*.telegraphindia.com Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
ebela.in DigiCert TLS RSA SHA256 2020 CA1	`2022-12-20` - `2023-12-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://13.58.185.233/
Frame ID: 7D09844AA821D986AF378F27EFB21C7C
Requests: 87 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 552CFB2E24FE0553CA5387AC1C2277C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7FB59177059A9CE05AC82CC5B31A59E7
Requests: 3 HTTP requests in this frame

Frame: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A097863A6388CBA1DACD58CECD9C1945
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E73E6F1162E38ADA37AEDA25E58588B8
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FEF27CE99793DD6006ECFA244799B200
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Frame ID: DAD1E25ED2D3CFDFE01E49B7DC39D758
Requests: 22 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B1DAA4D8CD1310A759D3B4A0BCA888F9
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F39CA90AA2BF4FFA0EECD68E9EE7E5A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B095904749F47F80BB5708500380233
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E9D1C3E6CD811D1A7727D88E2903F2EB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 1EB2D4A37376F2A88194B703F1E7E856
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs
Frame ID: 8A439B61D33B4B318DAABD5C71CAFD39
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: E731C9E4C5CCE73D78234DE3625A85FF
Requests: 13 HTTP requests in this frame

Frame: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9EE9BBC1D04387D0E9C116BDC6B7CC8D
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 562F1854DF84D724BCFE0FCC2D149008
Requests: 9 HTTP requests in this frame

Frame: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A38936E571E57AA13611AEB5CFAE0932
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO4vPQAHIJ4CO8-mAAgtrvjQsREi31QZOZvh1g&u=%7Cr%2FRrmP1EZXe3FrRSTRMYXWgpJSuLij1rwC6MXEgJY%2Bw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku46uZqnm0IDQE0mgmeM1aUcn0pwl7nLc0l3qJR2nUlYyr-bGVJn68ZH4qPvylDNtTvS6SXp_FhZFSuZ5oqsipCrbxy1oriZ1VPhTwVz5g6YcsP1nAFkFBnydrBEGqClgy5uR5mOON6Ndb7FO955S-G9zZo6dSX6fOQcdJMNHHFacLRMU5GYCH9e3YKZDLBn9ChPRC93anarLAPds_2EU5Tip3tfkOB1fIHNQdTj22jZMbCuHcM_AIN_OpbmOdnY2STpP7LTk9wTkwmm2FY2ih_SuNzeBDeaUHPdJo8MI-faM3i70voJeoF3otqyGOPp8G7m_drnuLgpzm2gSIK2xMe8FNiImVDwNAFSMrIxsAu-sNzTSHU57uyyVi5azGKnKTlK4YiY3XbO2zqNdy6cInKdt1AFp4lRtzJVgY1y7-H-AHTOcmIBYggTV485PskN3hxf1AwHNEfr-g1P07SWrGQq5-2hyYZeD83zZ-ByO8hkUkEp-8uyzfZF74SbLF0l-sgi3t2yrjHd1VrXcSxzdDGdIQHQWhMz7LD5fldhvZ-CGILI9t3nAQbQnF5i8KxLo7x75LShn58K5XV-0h-Pno7eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTNklPS_uZJ7BHKaf78EPrtug0ATJntKxXNWdkfdwwI23ARABIABglar1gZQHggEXY2EtcHViLTcxOTcwNTkzMjgyMTAzNzfIAQmpAiwI_WwzIbI-4AIAqAMByAMCqgSgAk_Q7L9iBCqtCBt8PMGAxKRP_i20HTqhABK2xyNkAeBWj6itvf_eBUDa28EHTvgIiVrvu6wxvkpC4a1VdK3VTU3PSe-HKQaKgnTBko1C7zCe4G1UPknBH41cO6nQ0rqYFVCZabV5UoAMqn2bHWrTIii82R1i7bwPEPhCzo8_PNK9_gCLprvcsQzy3Nf4M24PY5Rv3kKmIeI81wz8KWuuOHPvttBN9VaKuSpWkaPr7QjH-SaBjLfnQ-3wITO-UZNoRqzcOksOFRHbpSph-Onb0gGMXVc1x_32oHo4zAlB463vsOprJU1QwBpVoHXmIiv5cWLiDebKgMB3sjisoe2xpK-p2sheuzxeENfIE5NfOwrU50ezapmQdA_h679IU79sQuAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GtzOtHmT0Jo2_C4Uz6ReAxpiyhg%26client%3Dca-pub-7197059328210377%26adurl%3D
Frame ID: 2CE16FE0F1AD0D2AC548712F7F631D3E
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8CE5C536025EC75E5E8907C783D12F8D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: D659003BBDE34E7A0942091ED6666605
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 25C6CC38A03CA827121BABFB1297EE12
Requests: 17 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent=
Frame ID: 73C03DE59850D4C904AC972C87280F73
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8336458625835832832&gdpr=0&gdpr_consent=
Frame ID: 7739DEE7E74EABFA660AE22C7EC4B917
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272802391587027090&gdpr=0&gdpr_consent=
Frame ID: 4849F4AC17188524F0848CE72D1FF540
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=
Frame ID: 2D7C822CA2B15A6504F3B1458B931292
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO4vQAAMR3P-eQAN
Frame ID: E8DB728C2C213111416A67E6765AD14C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU49ee4dc743564db7bad7cbdb85b8968c
Frame ID: 4777C0C754B4F785F6E4AEBA2D645CA0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 428FB2A2E32381AA512058FAB4871FA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telegraph India | Latest News, Top Stories, Opinion, News Analysis and Comments

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

240
Requests

78 %
HTTPS

39 %
IPv6

53
Domains

94
Subdomains

73
IPs

11
Countries

2547 kB
Transfer

7082 kB
Size

49
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://epaper.telegraphindia.com/
Title: Epaper

Search URL Search Domain Scan URL

URL: https://totalbattle.com/de/lp/city9alike2_webgl_dark_po_2/3
Title: Total Battle: Online Strategie-Spiel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=telegraphindiacom&utm_medium=referral&utm_content=thumbnails-1x2-stream:Right%20Stream%20Thumbnails:

Search URL Search Domain Scan URL

URL: https://www.telegraphindia.com/edugraph/events/how-to-be-a-filmmaker/5?ref=mktbanner

Search URL Search Domain Scan URL

URL: https://www.telegraphindia.com/edugraph/colleges?ref=ttmkbanner

Search URL Search Domain Scan URL

URL: https://www.telegraphindia.com/entertainment

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thetelegraph

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/the-telegraph/id1438396234

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thetelegraphindia

Search URL Search Domain Scan URL

URL: https://twitter.com/ttindia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/telegraphonline/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAiEBnl4ngYZE3yQpUOBGpiPbwqFAgKIhAZ5eJ4GGRN8kKVDgRqYj28?ceid=IN:en&oc=3

Search URL Search Domain Scan URL

URL: https://www.anandabazar.com/?ref=footer_home-template

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&ias_adpath=.taboola-right-stream-thumbnails-0 HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CKC038G2goEDFSmDgwcdzPYC6Q;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&ias_adpath=.taboola-right-stream-thumbnails-0

Request Chain 56

https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=telegraphindia.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CPyz38G2goEDFWCR_QcdUVAEoA;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=telegraphindia.com

Request Chain 92

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 96

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 97

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7U8tuOGQSwegkj1Ey4QFbw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 100

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3080314654 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=ED4F2DB8-E190-4B07-A092-3D44CB84056F

Request Chain 101

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ED4F2DB8-E190-4B07-A092-3D44CB84056F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWIxU21reC14TE1SQmlrdUYxbnNtbndPUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=1460623923873259275&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUQ0RjJEQjgtRTE5MC00QjA3LUEwOTItM0Q0NENCODQwNTZG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCs-X7A7P0dh7hWXvIxTpg&google_cver=1

Request Chain 106

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1460623923873259275

Request Chain 120

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO4vPSPiSc1qKW.Sc32wgAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOUKzDBw9HM_uB61yu3wuok&google_cver=1&google_hm=2

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ2fuokG-ro2X-2UDx8sqrk&google_cver=1

Request Chain 124

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8336458625835832832

Request Chain 125

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693417661

Request Chain 127

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9131303406352279264

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 149

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDns_i1XBD1BRi-ATIIkxWUa1Mfghs HTTP 301
https://tpc.googlesyndication.com/simgad/16029425320012453748

Request Chain 151

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOGs3e13Bl1f77sCX8eff6M&google_cver=1&google_push=AXcoOmSRmhrfRmsG-gsBwuX9ErJE9_SneaP_CXTBFeaaHAtMYm4hxLdb3SsZCUvtgHh6RFZPB_lGjgj-kIatzRLC0GULe0rch_c HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRmhrfRmsG-gsBwuX9ErJE9_SneaP_CXTBFeaaHAtMYm4hxLdb3SsZCUvtgHh6RFZPB_lGjgj-kIatzRLC0GULe0rch_c&google_hm=YI3z2vKkJfAmY75tda7z5g

Request Chain 153

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL7vXucA6Cm6jPcdy-Czgew&google_cver=1&google_push=AXcoOmTfTWHBoHaoM4RtwEeY_63G4-KSOHWyspX8l4wu51cDNPslEWlG3xH6ZGetB4SHCycK28iZCZvuHCFcbaeYKstfuAemINU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTfTWHBoHaoM4RtwEeY_63G4-KSOHWyspX8l4wu51cDNPslEWlG3xH6ZGetB4SHCycK28iZCZvuHCFcbaeYKstfuAemINU

Request Chain 156

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELZveBckj0Q9kJu5FSetQVs&google_cver=1&google_push=AXcoOmRJ0rx8pVinrZlt_zGMdta-6JoqsZ-UB8ppa4Res1uXLPQBJn6B_cgUm6HlmomukB8UgPyhZTRn84hipOnuWZgLcBMagqVi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXTFBOU00tRi05QlI2&google_push=AXcoOmRJ0rx8pVinrZlt_zGMdta-6JoqsZ-UB8ppa4Res1uXLPQBJn6B_cgUm6HlmomukB8UgPyhZTRn84hipOnuWZgLcBMagqVi

Request Chain 157

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAyRcwCTAzWz-8ZBZ9PRWGo&google_cver=1&google_push=AXcoOmRzJJxYcyu5Uo40iqf9W6E0koPNkko1o5d7jJy1odT9pNqS5RLyA4zGB42m2EVEsGJICkNDgAO8aoGR3AqhTqZ6SkhHbf0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRzJJxYcyu5Uo40iqf9W6E0koPNkko1o5d7jJy1odT9pNqS5RLyA4zGB42m2EVEsGJICkNDgAO8aoGR3AqhTqZ6SkhHbf0

Request Chain 163

https://securepubads.g.doubleclick.net/pagead/adview?ai=C6xUnPS_uZJ6fDPio78EP_v2TuASXmISucq_psIelCmQQASCNofcfYJWq9YGUB6AB9dW7_QLIAQmpAiwI_WwzIbI-4AIAqAMByAPLBKoEkwJP0H5W1r0sgB05rEn9t9VmiwRRSKfmTmKsdqvyX2sislMo8nMYz8hHIX2tsr0bmxUIvkudchL6mfKpmTHUVmFRMPoyOj4Q4KO9G6g-Aw9PSo3TTlByA7NhfdieAS0LI_y0Fn9sgonxJf0wshrwr6ZnGqryV00tfXeDFVciU_92_VFf_EDnaV6qvIxGsVFiXkoPmfkTcXeotFUBvELMXilq8Gg9xe0ycXGUVIee_FNNaYC0vBCCaR7YPwI6o0Hp_yZ72t-TvykuZlInziy68urBHoeAul6QzfPoNNX6knA_aL5RZJeW64h1iGwoUDe21aVzEDjE_VqhoP5puEBT3cKQupZfn4WmSdumWwUMsoVIWBASB8AE6OnMlrwC4AQBiAXWw8XfGJIFBAgEGAGSBQQIBRgEoAYugAfzqcSCAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCjwgXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkiaHR0cHM6Ly93d3cuc2Nvb3Rlci1jZW50ZXIuY29tL2RlL4AKA8gLAdgTC4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTA0NDU1MjUxMjE3ODYwGKvyCg&sigh=--P9v9HDJdE&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWytRfI4QaH18ZhB9bE76M2HnAVSAH5APdkf18Th7sHgCgkZpKzyJOYqDpenzX0F6vCk3PLNrylhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214228851006016706282%22,%22debug_reporting%22:true,%22destination%22:%22https://scooter-center.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22799992565%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221218660060169534177%22}&andc=true

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJujwbk2gIq1S9Hmic0KWvs&google_cver=1&google_push=AXcoOmQQ7QulBYCHYKZdKMd0Z8cRB5XN58XASyn5qCkdPfW1ZpcxZu7yIDK0BtUYc7uKYvD_VcajtgJ3PfvtwLm0KU7FjWF3eOli HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQQ7QulBYCHYKZdKMd0Z8cRB5XN58XASyn5qCkdPfW1ZpcxZu7yIDK0BtUYc7uKYvD_VcajtgJ3PfvtwLm0KU7FjWF3eOli

Request Chain 174

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA2hq0KiGteh6Qa4knNmg0g&google_cver=1&google_push=AXcoOmSLJsvM24WSey8kpwPH7mes6hJyTXPaLOHiOImn4tT3jx34oGW-o-q-jv67HgpGAORC6ntLD3RPiuK85Ap4W411uYXj6XoX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjgwMjM5MTU4NzAyNzA5MA%3D%3D&google_push=AXcoOmSLJsvM24WSey8kpwPH7mes6hJyTXPaLOHiOImn4tT3jx34oGW-o-q-jv67HgpGAORC6ntLD3RPiuK85Ap4W411uYXj6XoX

Request Chain 175

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED0J8lOxP8hUvdaIXkdeN_I&google_cver=1&google_push=AXcoOmShG4G1fxkoEQF7HRa3zPlzOytDeHnsHARAGqyL2_HQdHaMp6FHOLoEu1ymRmfdN-uKehSeGxjXo-DkrwS8TrAs1gGtCu9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmShG4G1fxkoEQF7HRa3zPlzOytDeHnsHARAGqyL2_HQdHaMp6FHOLoEu1ymRmfdN-uKehSeGxjXo-DkrwS8TrAs1gGtCu9A&google_hm=eS1RcTg4VzN4RTJwR3haVV80YjZfc0k0YmVmbEpLYWZBOH5B

Request Chain 176

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBNwXDhAh8NZaTCLR0CIMJ8&google_cver=1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1693331262079 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8ee2a696-ec74-411a-a479-0d9161cd442e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE%26google_hm%3DA47ippbsdEEapHkNkWHNRC4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE&google_hm=A47ippbsdEEapHkNkWHNRC4

Request Chain 177

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE24zGlgERySGWNiflzremU&google_cver=1&google_push=AXcoOmRbn0sh3tqK5rX_t7wAuhgQKP9f_hFOIcWeXrrj9RISGcM_PLNcrfglIQQX2hgLPmh_1btMTdGVz7baGT_t7abrPWtBK3gOgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRbn0sh3tqK5rX_t7wAuhgQKP9f_hFOIcWeXrrj9RISGcM_PLNcrfglIQQX2hgLPmh_1btMTdGVz7baGT_t7abrPWtBK3gOgQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 178

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELBmrba-g7Og3BYzuklM-4Q&google_cver=1&google_push=AXcoOmS9focr_SupuN9cVb9ug9Gl_ADpQeI2PGuDeyfNdHeLJoLDbh__eBgCWrePsghCoPKAtlhz9sKFUrPAoU3ktFGoa1oJ-JXYPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS9focr_SupuN9cVb9ug9Gl_ADpQeI2PGuDeyfNdHeLJoLDbh__eBgCWrePsghCoPKAtlhz9sKFUrPAoU3ktFGoa1oJ-JXYPw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 232

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8336458625835832832&gdpr=0&gdpr_consent=

Request Chain 233

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272802391587027090&gdpr=0&gdpr_consent=

Request Chain 234

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=

Request Chain 235

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO4vQAAMR3P-eQAN

Request Chain 236

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU49ee4dc743564db7bad7cbdb85b8968c

Request Chain 237

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 239

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ED4F2DB8-E190-4B07-A092-3D44CB84056F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ED4F2DB8-E190-4B07-A092-3D44CB84056F&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 240

https://pixel.onaudience.com/?partner=214&mapped=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3b4a916354a985ee/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b3e580848251d81a92d0da70a9a601da&gdpr=1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=3b4a916354a985ee HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85c1bcc0-5bd6-40e1-43ef-ab5856edb7a2&reqId=cbd987c0-03fc-4319-7db2-aec074845a81&zcluid=3b4a916354a985ee&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEAZuQhCL-tlKTFvluQPORYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85c1bcc0-5bd6-40e1-43ef-ab5856edb7a2&reqId=cbd987c0-03fc-4319-7db2-aec074845a81&zcluid=3b4a916354a985ee&zdid=1332

Request Chain 241

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=5984af5c-b340-44c8-8361-c04a79b75652&ssp=pubmatic

Request Chain 243

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9131303406352279264&gdpr=0&gdpr_consent=&us_privacy=

240 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
13.58.185.233/ 145 KB
28 KB 423ms
168ms Document
text/html 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

09c092ba937f911c360fceed25b9476a83d6aad994daec631805b7a64e5bf6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:47:37 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 logo.svg
13.58.185.233/revamp-assets/desktop/images/ 16 KB
7 KB 247ms
246ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/logo.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2923753f13ba547e56a41908f40e23d3ea72e120456fa0b946a4d06045815cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-3eaf"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 bplaceholderimg.jpg
13.58.185.233/revamp-assets/desktop/images/ 14 KB
12 KB 203ms
202ms Image
image/jpeg 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

917d0b2d9510610f918e68cee78a8dd6abf6b8f7ff7051bd498ef35b1a894755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-36e9"
vary: Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block

GET
H2 200 header-footer.css
13.58.185.233/revamp-assets/desktop/css/ 9 KB
3 KB 127ms
126ms Stylesheet
text/css 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://13.58.185.233/revamp-assets/desktop/css/header-footer.css?v=0.03

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

339b91dfbc4cfcd13c9145b29a356385bee7441fe1a2080034b843e72f0be1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-240d"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 home.css
13.58.185.233/revamp-assets/desktop/css/ 21 KB
4 KB 245ms
245ms Stylesheet
text/css 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://13.58.185.233/revamp-assets/desktop/css/home.css?v=0.09

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3502c78a4597d23cb0ed5791bf817022040fef1e3a76031e191db400b7a1c383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 12:06:50 GMT
server: nginx
etag: W/"64de0d5a-5477"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 8bc70b64e2c82026a458dde2e632df4b57f8abaa.js Show response
cdn.izooto.com/scripts/ 884 B
754 B 168ms
67ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/8bc70b64e2c82026a458dde2e632df4b57f8abaa.js

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff18af51189cd02dd812767f52822068b208af638872e730db31726e63642e34

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 09:33:15 GMT
server: cloudflare
age: 988219
etag: W/"6358fedb-374"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 7fe69eca880c902e-FRA
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 17:47:38 GMT

GET
H2 200 humburger.svg
13.58.185.233/revamp-assets/desktop/images/ 295 B
416 B 128ms
125ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/humburger.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9a75dda19fe6d1d858aed1b322bdeded6e5b6deb60d407aaa17b04aa4df6fdcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-127"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 searchicon.svg
13.58.185.233/revamp-assets/desktop/images/ 362 B
471 B 129ms
125ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/searchicon.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0deac92a8d1574d1ee5b1f22c8d5895e373d501063cdbe179cf51bfa982b3a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-16a"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
74 KB 144ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9HRQZR

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

276a5c2977333872c18fb90f550a9749dcdedc2603207febef1b25e9ee2eb57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75496
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 17:47:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 138ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&family=Roboto:wght@400;700&display=swap

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71591d19d9cdb16604be484ddf38e137010313144775c07777c32e3696960303

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 17:47:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 17:47:38 GMT

GET
H2 200 quote_left.svg
13.58.185.233/revamp-assets/desktop/images/ 527 B
545 B 250ms
247ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/quote_left.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5cae1544da5f4d1a1e9e29b468435ceebb02ddaeb1ffcc4398efd8effd9ef546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-20f"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 quote_right.svg
13.58.185.233/revamp-assets/desktop/images/ 587 B
581 B 129ms
126ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/quote_right.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87c12e1a777a07591b750444850b75d1e7214d23338f1ed803013ad7f0ee203d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-24b"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 mplaceholderimg.jpg
13.58.185.233/revamp-assets/desktop/images/ 6 KB
6 KB 250ms
247ms Image
image/jpeg 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d7049e99a1410dbba6b6358e8aa13b84faf686bc74bd751eee9e40d1818ecb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-1960"
vary: Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block

GET
H2 200 splaceholderimg.jpg
13.58.185.233/revamp-assets/desktop/images/ 2 KB
2 KB 250ms
247ms Image
image/jpeg 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2c8bcc4ee2fb0ca48e2ce36a2af9d102289fb80ae4a95fb0f2c0db17872b940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-92f"
vary: Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block

GET
H2 200 photo-icon.svg
13.58.185.233/revamp-assets/desktop/images/ 550 B
532 B 249ms
246ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

64244c32f8d71cf09d9d1afbe554a797f43f2f8f23b9b14a89ee0a3c385d3335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-226"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 try-this-today-img.png
13.58.185.233/revamp-assets/desktop/images/ 17 KB
17 KB 249ms
247ms Image
image/png 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/try-this-today-img.png

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

debed31301bfe3b9044bf25b1d70719220945961fb28c599cc4a864e8fece840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: "645346cf-4329"
content-type: image/png
accept-ranges: bytes
content-length: 17193
x-xss-protection: 1; mode=block

GET
H2 200 google-playstore.svg
13.58.185.233/revamp-assets/desktop/images/ 5 KB
2 KB 256ms
253ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/google-playstore.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87810cdecaa1016b8f7418b1314554bb5e314c033a152b2dd4b6ba38e8746c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-134b"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 apple-store.svg
13.58.185.233/revamp-assets/desktop/images/ 9 KB
4 KB 250ms
248ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/apple-store.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

eed227275e082f00b5481ea99d234a15a52a3c09a713b0a956204b9057f91de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-2548"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 instagram-icon.svg
13.58.185.233/revamp-assets/desktop/images/ 2 KB
870 B 250ms
248ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/instagram-icon.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8068a8be48a405cb9a0eabd96cc4cc678be6e74e6391949ca6c8971ddb94bc8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-6ad"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 googlenews-icon.png
13.58.185.233/revamp-assets/desktop/images/ 764 B
960 B 257ms
255ms Image
image/png 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/googlenews-icon.png

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

69b4a89c8fcdc552a5cb8bfb127b902718c26fc97661ef784b9af8019b4a8b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: "645346cf-2fc"
content-type: image/png
accept-ranges: bytes
content-length: 764
x-xss-protection: 1; mode=block

GET
H2 200 anandabazar-logo.svg
13.58.185.233/revamp-assets/desktop/images/ 9 KB
3 KB 250ms
248ms Image
image/svg+xml 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://13.58.185.233/revamp-assets/desktop/images/anandabazar-logo.svg

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3e666ee924aa97d4101c3794d81ee0938a1d02b1618b4bf6f0a21946e214861b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-25ab"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.3.min.js Show response
13.58.185.233/revamp-assets/desktop/js/ 88 KB
31 KB 131ms
131ms Script
application/javascript 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://13.58.185.233/revamp-assets/desktop/js/jquery-3.6.3.min.js?v=0.01

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2023 05:46:55 GMT
server: nginx
etag: W/"645346cf-15f5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 common.js Show response
13.58.185.233/revamp-assets/desktop/js/ 44 KB
7 KB 127ms
127ms Script
application/javascript 13.58.185.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://13.58.185.233/revamp-assets/desktop/js/common.js?v=0.06

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.58.185.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-185-233.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

019144440451ccd45e624cd2d0895c0b1d2adbb4b3a0e276a381f420efda0f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 May 2023 12:10:52 GMT
server: nginx
etag: W/"6470a1cc-af82"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159328/2813/ 450 KB
131 KB 142ms
40ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b8be7b6e4a821c7105759b20bb5f6db82973794fba55e797b9308d7a9ef3dc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 09:08:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=159958
accept-ranges: bytes
content-length: 133777
expires: Thu, 31 Aug 2023 14:13:36 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/telegraphindiacom/ 724 KB
60 KB 170ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/telegraphindiacom/loader.js
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db64512b9a9cb555d36bac8adca643884bf6e948a8d9fac367f605ba6de5088b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 1QM1msHw1BCZTsNHY7RE1vIKVWMqzbP1
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:38 GMT
x-amz-request-id: 89C3NZ1M9E0423W3
age: 27106
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 60505
x-amz-id-2: q5GjhLFamSuwYkR0Zz25uSwBcBxgNgUJBOaP+fR3p5zOP+l1iOKFiU6QrQexrlXpAxm7iaav9+o=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 29 Aug 2023 10:15:34 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693331258.293105,VS0,VE0
etag: "ca3b01ac909ef0fca641d2f5b9eeb161"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 307 KB
72 KB 60ms
59ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/8bc70b64e2c82026a458dde2e632df4b57f8abaa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b5e326f69ecc08128d648a0f24ed96b569ce48ba397630be3c3a8f5650c9ad

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 24 Aug 2023 12:05:06 GMT
server: cloudflare
age: 452530
etag: W/"64e74772-4ccfb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 7fe69ecb8910902e-FRA
x-xss-protection: 1; mode=block
expires: Thu, 14 Sep 2023 17:47:38 GMT

GET
H2 200 index Show response
cdn4-hbs.affinitymatrix.com/hvrcnf/telegraphindia.com/29719/ 3 KB
2 KB 1035ms
44ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrcnf/telegraphindia.com/29719/index?t=29719
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.4/6.5.22/v3fra1-www /
Resource Hash: 3d7ddc877d6ae026147cd66e9018ce6cd6c40d8e9b6a20a7faefc99808e9e1db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-version: 9
date: Tue, 29 Aug 2023 17:47:39 GMT
content-encoding: gzip
x-real-ip: 2a01:4a0:1338:92::11
server: v/6.7.4/6.5.22/v3fra1-www
age: 23120
x-tata-request-id: 4cef8e987a8d9b00c41595cc3d4fc410, 4cef8e987a8d9b00c41595cc3d4fc410
vary: Accept-Encoding
x-cache: HIT,v16fra1
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1560
expires: Wed, 28 Aug 2024 17:47:39 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 552C 4 KB
1 KB 52ms
51ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1495126
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7fe69ecc3a03902e-FRA
content-encoding: br
content-type: text/html
date: Tue, 29 Aug 2023 17:47:38 GMT
expires: Fri, 29 Sep 2023 17:47:38 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 139ms
41ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://13.58.185.233
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 502762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 22:08:16 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 202ms
107ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://13.58.185.233
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 22:08:17 GMT
x-content-type-options: nosniff
age: 502761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 22:08:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 145ms
51ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://13.58.185.233
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 510935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:52:03 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 176ms
84ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:wght@400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://13.58.185.233
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 07:36:26 GMT
x-content-type-options: nosniff
age: 382272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 07:36:26 GMT

GET
H2 200 1693315118_modi-9.jpg
assets.telegraphindia.com/telegraph/2023/Aug/ 36 KB
36 KB 1034ms
174ms Image
image/jpeg 2a02:26f0:e300:184::5cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.telegraphindia.com/telegraph/2023/Aug/1693315118_modi-9.jpg
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:184::5cb Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a479f6b23dfb9aaa86e43478b283c6a3bf59fd0bee992ec81fef478eb66031e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:39 GMT
last-modified: Tue, 29 Aug 2023 13:18:38 GMT
server: AkamaiNetStorage
content-md5: 8WsSE2a23QJi7djAy8iZog==
etag: "f16b121366b6dd0262edd8c0cbc899a2:1693315118.310143"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=592722
accept-ranges: bytes
content-length: 36900
expires: Tue, 05 Sep 2023 14:26:21 GMT

GET
H2 200 1693288521_india-uk.jpg
assets.telegraphindia.com/telegraph/2023/Aug/ 94 KB
95 KB 1119ms
259ms Image
image/jpeg 2a02:26f0:e300:184::5cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.telegraphindia.com/telegraph/2023/Aug/1693288521_india-uk.jpg
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:184::5cb Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 995c4d542d07486f90ef525121d7e8f4f59e9fc8628f1ad1816769ebedc34518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:39 GMT
last-modified: Tue, 29 Aug 2023 05:55:21 GMT
server: AkamaiNetStorage
content-md5: GoTnYuWnvZGuNHiZgPBgZg==
etag: "1a84e762e5a7bd91ae34789980f06066:1693288521.446996"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=564029
accept-ranges: bytes
content-length: 96715
expires: Tue, 05 Sep 2023 06:28:08 GMT

GET
H2 200 1693308170_gulshan-devaiah-1.jpg
assets.telegraphindia.com/telegraph/2023/Aug/ 86 KB
87 KB 958ms
100ms Image
image/jpeg 2a02:26f0:e300:184::5cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.telegraphindia.com/telegraph/2023/Aug/1693308170_gulshan-devaiah-1.jpg
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300:184::5cb Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5798c3980e0e366fda8a223028c5742402307bc9f3eb71825d59adc1f60d7783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:39 GMT
last-modified: Tue, 29 Aug 2023 11:22:50 GMT
server: AkamaiNetStorage
content-md5: PYDGJ0Z3hq+gisoNxZXIBg==
etag: "3d80c627467786afa08aca0dc595c806:1693308170.934748"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=586751
accept-ranges: bytes
content-length: 88329
expires: Tue, 05 Sep 2023 12:46:50 GMT

GET
H2 200 impl.20230829-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 803 KB
166 KB 40ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/telegraphindiacom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ZGlhiiQqqqnagE6bshkNEUfpjhfaa1ba
content-encoding: br
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:38 GMT
x-amz-request-id: 9YG304DKSP74XNZ2
age: 28575
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169980
x-amz-id-2: AFw9rhrpPFfjIWlCsTpQYfQ4JmOOgfpX0PijO55PmxMX81A005BVF26wHFMT5OZngLMFT0Y/buo=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 29 Aug 2023 09:51:12 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693331258.422676,VS0,VE0
etag: "187ed73a057d935141b5b3438fd55c4f"
vary: Accept-Encoding
content-type: application/javascript
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 119057

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JXMSXGPKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9HRQZR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8fb6856164fc4c2245ae6aa660b3082617b9f29b62d700ea63c104bca81fbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:47:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
85 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H2BD8F4GE7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9HRQZR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

713c72b581183ad1698526b6d1987152e0c55e4fa78a26df95f6311c7cd889cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:47:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EQ2TJQVS4G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9HRQZR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

becd5219a8ae94ca080208fc977789ac0496926f467fb317512c840cf1a6c1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 17:47:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 99 KB
29 KB 818ms
98ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

687cd93109d3980f43366ec194f81eec364bc805cd641b2891cb44971e8016d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28892
x-xss-protection: 0
server: cafe
etag: 755 / 19598 / m202308240101 / config-hash: 17877823999976530850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 17:47:39 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 137ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JXMSXGPKW&gtm=45je38n0&_p=501166661&cid=356359995.1693331259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693331259&sct=1&seg=0&dl=https%3A%2F%2F13.58.185.233%2F&dt=Telegraph%20India%20%7C%20Latest%20News%2C%20Top%20Stories%2C%20Opinion%2C%20News%20Analysis%20and%20Comments&en=page_view&_fv=2&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JXMSXGPKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 113ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H2BD8F4GE7&gtm=45je38n0&_p=501166661&cid=356359995.1693331259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693331259&sct=1&seg=0&dl=https%3A%2F%2F13.58.185.233%2F&dt=Telegraph%20India%20%7C%20Latest%20News%2C%20Top%20Stories%2C%20Opinion%2C%20News%20Analysis%20and%20Comments&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H2BD8F4GE7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 176ms
51ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 265306
expires: 60

GET
H2 200 json Show response
trc.taboola.com/telegraphindiacom/trc/3/ 7 KB
3 KB 198ms
183ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/telegraphindiacom/trc/3/json?tim=19%3A47%3A39.252&lti=deflated&data=%7B%22id%22%3A560%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693304126310%2C%22vi%22%3A1693331259249%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegraphindia.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2F13.58.185.233%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A15305%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-1x2-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Stream%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Stream%20Thumbnails%22%2C%22cd%22%3A832%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CRight%20Stream%20Thumbnails%3Dthumbnails-1x2-stream%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 414b5824add908e2e550fdd81686e483eeecd303bb681a292431d5a90e1ee22b

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 121
date: Tue, 29 Aug 2023 17:47:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7265
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693331259.290407,VS0,VE121
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://13.58.185.233
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 64ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EQ2TJQVS4G&gtm=45je38n0&_p=501166661&cid=356359995.1693331259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693331259&sct=1&seg=0&dl=https%3A%2F%2F13.58.185.233%2F&dt=Telegraph%20India%20%7C%20Latest%20News%2C%20Top%20Stories%2C%20Opinion%2C%20News%20Analysis%20and%20Comments&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EQ2TJQVS4G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/telegraphindiacom/log/3/ 0
246 B 525ms
47ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/telegraphindiacom/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://13.58.185.233
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 v2.js Show response
cdn4-hbs.affinitymatrix.com/hvrlib/telegraphindia.com/1670997542/ 64 KB
23 KB 53ms
52ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/telegraphindia.com/1670997542/v2.js
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrcnf/telegraphindia.com/29719/index?t=29719
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.4/6.5.22/v3fra1-www /
Resource Hash: 71d1234b8d73c57d79bead74248c258ecd987fd199e53c77576d53bc1ad4ca94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-version: 9
date: Tue, 29 Aug 2023 08:36:27 GMT
content-encoding: gzip
x-real-ip: 2a01:4a0:1338:92::11
server: v/6.7.4/6.5.22/v3fra1-www
age: 33121
x-tata-request-id: f9bb43592f76812ea87acdbac57332da, f9bb43592f76812ea87acdbac57332da
vary: Accept-Encoding
x-cache: HIT,v3fra1
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23233
expires: Wed, 28 Aug 2024 17:47:39 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 404 KB
127 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:24:16 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
576 B 167ms
75ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=13.58.185.233

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a59a23cbff5b7e18b71763bcd84719431bb7344ce9a179d70012ace56b7cfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34
x-xss-protection: 0
expires: Tue, 29 Aug 2023 17:47:39 GMT

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 48ms
47ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:39 GMT
x-amz-request-id: ZVGYFTA4J2HMKEV9
age: 116
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: JJaAQ5TV0R+Y2vkJRBxpDBErhCAqEg1+GjKDeKBSMYltYZHQiCuJUOlxj0NuiveZvR2ICvCj/q4=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693331260.514340,VS0,VE0
etag: "11d8569a7da0739259e3ac0b0d666e94"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 30
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 65

GET
H2 200 userx.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 48ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/telegraphindiacom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: skt8UWvYNkGjnz7ZpNLRFS7KR8tL3Le_
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:39 GMT
x-amz-request-id: T7SM0E8J3Y5JTBM9
age: 25590
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: SQ0dE2lkXPfEtWyaalEi2WqEiOU36hHwHGkEmHErudaAT+5J/PY+JKKwBP+Oj3kg5iX/UEbbQbk=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 29 Aug 2023 10:41:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693331260.521468,VS0,VE0
etag: "465df069033ddeffaac71b302063aca4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 56
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 23808

GET
H2 200 distance-from-article.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 48ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/telegraphindiacom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 116c470561f08bc0c384f9306f59865db7fe8c0c2efc7b2435ecbb4417130fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Xk3Gbd9mulD0cXTpc5aVjmHIALfgqN3N
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:39 GMT
x-amz-request-id: X8CTJARHTBQKDZFA
age: 25693
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: J1b+wPeyZkEVC3X9cK+IW2livbgkyClTaaPeAEr+asCwIF2G1dWTD13Xr6+ZhiPioqhli3IClZ4=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 29 Aug 2023 10:39:26 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693331260.521505,VS0,VE0
etag: "d3c78503a4dca5b679b3131ddb4764a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 84740

GET
H2 200 article-detection.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 48ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/telegraphindiacom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 549b0d45dfe1adef0f4412220c9e7b22ea9aff17db7545eb0534182a8f8d3ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: .kKuxheya6ZHgEHmlz5OAp.E5s0XSmae
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:39 GMT
x-amz-request-id: 6QZM3ZTCTVP24PZA
age: 25714
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: xNFHmzIjxAgJ0wjGHDREBZzNhU2ok0BWj8z3vpdS5Q3TGrBil+UksPypd5puiSNhQvke/9grWgY=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Tue, 29 Aug 2023 10:39:06 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693331260.522406,VS0,VE0
etag: "7ee057ba0a60fbf7fc3879e1798df625"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 84823

POST
H2 204 abtests
am-trc-events.taboola.com/telegraphindiacom/log/3/ 0
245 B 238ms
45ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/telegraphindiacom/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1693331259501%7D&tim=19%3A47%3A39.501&id=2248&llvl=2&ri=f4177642899286d60ee50f70fbb33452&sd=v2_229a4bc3176c1aa0a059fcd655f59a2d_91b5ad32-e399-4066-b1ef-352b4e18f220-tuctbe7b4bb_1693331259_1693331259_CIi3jgYQnNlFGPH-oZOkMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=91b5ad32-e399-4066-b1ef-352b4e18f220-tuctbe7b4bb&pi=/&wi=8070305629999445780&pt=home&vi=1693331259249&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: https://13.58.185.233
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/telegraphindiacom/log/3/ 0
231 B 238ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/telegraphindiacom/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f4177642899286d60ee50f70fbb33452&sd=v2_229a4bc3176c1aa0a059fcd655f59a2d_91b5ad32-e399-4066-b1ef-352b4e18f220-tuctbe7b4bb_1693331259_1693331259_CIi3jgYQnNlFGPH-oZOkMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=91b5ad32-e399-4066-b1ef-352b4e18f220-tuctbe7b4bb&pi=/&wi=8070305629999445780&pt=home&vi=1693331259249&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693331259484%7D&tim=19%3A47%3A39.485&id=3580&llvl=2&cv=20230829-7-RELEASE&
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

B30299934.371364692;dc_pre=CKC038G2goEDFSmDgwcdzPYC6Q;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen... Show response
ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treat...
https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CKC038G2goEDFSmDgwcdzPYC6Q;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_...

15 KB
12 KB

73ms
72ms

Script
text/javascript

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CKC038G2goEDFSmDgwcdzPYC6Q;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&ias_adpath=.taboola-right-stream-thumbnails-0

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

b5d631be85df8d26d113ef156e02a9692836eb51e275fde17200ed3b99fda530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11846
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CKC038G2goEDFSmDgwcdzPYC6Q;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&ias_adpath=.taboola-right-stream-thumbnails-0
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 required-viewability-available Show response
trc.taboola.com/telegraphindiacom/log/3/ 0
319 B 61ms
61ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/telegraphindiacom/log/3/required-viewability-available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Tue, 29 Aug 2023 17:47:39 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7996
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
pragma: no-cache
server: nginx
x-timer: S1693331260.544203,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

B30299934.371364692;dc_pre=CPyz38G2goEDFWCR_QcdUVAEoA;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CPyz38G2goEDFWCR_QcdUVAEoA;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_r...

42 B
348 B

63ms
63ms

Image
image/gif

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CPyz38G2goEDFWCR_QcdUVAEoA;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=telegraphindia.com

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_pre=CPyz38G2goEDFWCR_QcdUVAEoA;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=telegraphindia.com
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/telegraphindiacom/log/3/ 0
245 B 218ms
46ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/telegraphindiacom/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://13.58.185.233
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 adb7dd8b30ed3f481eb4ccbcf96999ab.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 138ms
137ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adb7dd8b30ed3f481eb4ccbcf96999ab.jpg
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5de2954beb94adfb9e6c570cb9166dec0ddecc7c22504de15974d9006a5e53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Tue, 29 Aug 2023 17:47:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/adb7dd8b30ed3f481eb4ccbcf96999ab.jpg
age: 2196820
edge-cache-tag: 424065343434477042083850594429282533385,469003076724496694020487778216065093704,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424065343434477042083850594429282533385,469003076724496694020487778216065093704,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 130
expiration: expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.co.uk/
content-length: 4622
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kjyo7100044-IAD, cache-sna10727-LGB, cache-iad-kiad7000107-IAD, cache-fra-eddf8230111-FRA
last-modified: Wed, 19 Jul 2023 07:09:18 GMT
server: nginx
x-timer: S1693331260.544117,VS0,VE94
etag: "845c335ea3735d3720c231d869b981d2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 37, 1

GET
H2 200 2232653145d39e7c109f68206bdccc9c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 52ms
51ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2232653145d39e7c109f68206bdccc9c.png
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ec49e61f31facac14982ff16144b9640d806920da85e60bbe7334f31f84c5d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Tue, 29 Aug 2023 17:47:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2232653145d39e7c109f68206bdccc9c.png
age: 1648062
edge-cache-tag: 547104124770593704192540129285961684378,469003076724496694020487778216065093704,29ecf9b93bbf306179626feeda1fab70
cache-tag: 547104124770593704192540129285961684378,469003076724496694020487778216065093704,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 92
req-referer: https://www.mirror.co.uk/money/how-pawnbrokers-work-how-many-22611195
content-length: 5488
x-request-id: b4de09ee1e928eb5245d081a5b7e5a49
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200130-IAD, cache-iad-kiad7000165-IAD, cache-chi-kigq8000037-CHI, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Jul 2023 17:12:55 GMT
server: nginx
x-timer: S1693331260.544138,VS0,VE6
etag: "cc414e572da3c620c82aedb6201fc78a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 17, 1

GET
H2 200 arj Show response
abp-d.openx.net/w/1.0/ 75 B
379 B 1500ms
1380ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://abp-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F13.58.185.233%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=54739e21-5f1f-4f7c-acce-401499ddd703%2Cd6750b97-7985-4792-8dc3-b514b00f0fe2%2C07560307-9bec-4d52-970b-9854efda0b82%2C340e81e9-fb7d-4345-ba06-094b08138712&nocache=1693331259622&aus=970x250%2C970x90%2C728x90%2C300x250%7C250x250%2C300x250%2C200x200%7C970x250%2C970x90%2C728x90%2C300x250%7C970x250%2C970x90%2C728x90%2C300x250&divids=div-gpt-ad-1525337961480-0%2Cdiv-gpt-ad-1691140764872-0%2Cdiv-gpt-ad-1525337961480-1%2Cdiv-gpt-ad-1525337961480-2&aucs=%252F1088475%252FTT_Desk_HP_Header_728x90%2C%252F1088475%252FTT_Desk_HP_RHS_1_300x250%2C%252F1088475%252FTT_Desk_HP_Middle_1_728x90%2C%252F1088475%252FTT_Desk_HP_Middle_2_728x90&auid=559283265%2C559283268%2C559283266%2C559283267
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a5fe659fd2e6177d11f89d30d49be9ef174b9d2dbdc436a5275e04a2dcac0a8c

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://13.58.185.233
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
551 B 178ms
62ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=976022&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226a9c22a58b953b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2F13.58.185.233%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A15%2C%22msi%22%3A15%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227e9fa09615ea1e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976022%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22976022%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22976022%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976022%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1088475%2FTT_Desk_HP_Header_728x90%22%2C%22gpid%22%3A%22%2F1088475%2FTT_Desk_HP_Header_728x90%22%7D%7D%2C%7B%22id%22%3A%2283d50fcfad1ffc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976025%22%2C%22sid%22%3A%22250x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976025%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22976025%22%2C%22sid%22%3A%22200x200%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1088475%2FTT_Desk_HP_RHS_1_300x250%22%2C%22gpid%22%3A%22%2F1088475%2FTT_Desk_HP_RHS_1_300x250%22%7D%7D%2C%7B%22id%22%3A%22940225f291181d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976023%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22976023%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22976023%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976023%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1088475%2FTT_Desk_HP_Middle_1_728x90%22%2C%22gpid%22%3A%22%2F1088475%2FTT_Desk_HP_Middle_1_728x90%22%7D%7D%2C%7B%22id%22%3A%2210e48c3733fd549%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976024%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22976024%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22976024%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22976024%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F1088475%2FTT_Desk_HP_Middle_2_728x90%22%2C%22gpid%22%3A%22%2F1088475%2FTT_Desk_HP_Middle_2_728x90%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93ad4173293f72f876f363bf0628f83afad195ae1275d54a291a802b4d99416

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckjMHE6sfP%2BskbHfe10S0BIVA%2Fb6%2B0S9E4%2BMn7trc%2Fsz8a19Q%2B2mqBzho2h02qAMhSHvK2xpGHWpMherW2VspgHMTDrfVGS5%2B5BH9%2BhsV%2FJ%2BUdV9gFgfqcBzcdtxTnoE9AWk7Pas"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7fe69ed58a8c2c46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 186ms
62ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://13.58.185.233
date: Tue, 29 Aug 2023 17:47:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 484 B
1 KB 136ms
40ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

94f7aad1e29cb9024ba8b15ad79e31d34bacee9515f69a81c97fe57b0f78aebf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
an-x-request-uuid: a0166b3c-c935-4975-840c-b4ce98ba6662
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 484
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
14 KB 959ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1355190.2621703TABOOLAEUROPELTD/B30299934.371364692;dc_trk_aid=562490953;dc_trk_cid=195535362;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?&ias_adpath=.taboola-right-stream-thumbnails-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 04:22:28 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
371 B 49ms
49ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F13.58.185.233%2F&domain=13.58.185.233&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 277507
expires: 0

POST
H/1.1 200 596.json Show response
id5-sync.com/g/v2/ 276 B
684 B 255ms
42ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/596.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

8fb00570dcad4f5541b3ed036f7f31e836680bf5c85e47930332f62fdc53a6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://13.58.185.233
date: Tue, 29 Aug 2023 17:47:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 269ms
56ms XHR
application/json 52.50.102.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.102.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-102-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache
x-server: 10.45.15.205
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 270ms
59ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 710458237fad62b45edf162dc5061095b2e342b820f1b84accbab320a16f3172

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 17:47:40 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://13.58.185.233
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 28 Sep 2023 17:47:40 GMT

POST
H2 204 visible Show response
trc.taboola.com/telegraphindiacom/log/3/ 0
340 B 117ms
117ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/telegraphindiacom/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Aug 2023 17:47:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7260
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
pragma: no-cache
server: nginx
x-timer: S1693331261.590289,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/telegraphindiacom/log/3/ 0
68 B 117ms
117ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/telegraphindiacom/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Aug 2023 17:47:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7917
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
pragma: no-cache
server: nginx
x-timer: S1693331261.590674,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
717 B 92ms
92ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 29 Aug 2023 17:47:40 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 12022
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1693331261.615493,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 16
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 8209

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 146ms
48ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F13.58.185.233%2F&domain=13.58.185.233&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://13.58.185.233
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 29 Aug 2023 17:47:39 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 209142
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7FB5 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 221110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Aug 2023 04:22:30 GMT
expires: Mon, 26 Aug 2024 04:22:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FB5 37 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 687 B
847 B 111ms
110ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_HM_Native_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260896&adxs=814&adys=1317&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=331x430&msz=300x0&fws=0&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=2886797978&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99031bcff3354584083ebc3335e657b6afce4ea4141832f2a78e8da4f53b45cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 175ms
92ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294e4acf3fbeb2b139ffa3651d13be5457777d657e8bc5828b7ae85b02a9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12036
x-xss-protection: 0

GET
H2 200 container.html Show response
12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A097 6 KB
3 KB 185ms
49ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Wed, 28 Aug 2024 17:47:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 336ms
336ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_Desk_HP_RHS_1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C200x200&ifi=2&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260914&adxs=1148&adys=546&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=300x200&msz=300x200&fws=512&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=2191941833&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dd08bb6a00b0701b4c76dc8b808be2e9a1fe0880271b5bccb2fd70bb37d83ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11297
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 131 KB
42 KB 628ms
627ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_Desk_HP_Middle_1_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C300x250&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260921&adxs=152&adys=1854&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=1296x0&msz=1296x0&fws=512&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=681574920&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8f682206da87a3eed179362b0787e6f1074c91c70cb6e478d70bb8c18c21087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42595
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 538 B
569 B 578ms
577ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_HM_Native_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260926&adxs=987&adys=2380&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=460x85&msz=460x0&fws=0&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=436775461&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee66cd3cbb94063a225ab4794ad2779f4d78a8a85cd97bb90ccd5ee48287c3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
16 KB 877ms
877ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_Desk_HP_Middle_2_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C300x250&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260933&adxs=152&adys=3317&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=1296x0&msz=1296x0&fws=512&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=1230909041&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2f6f29d4df27f1c441a131ea019b5faf63ac07b218bd99c4816199ff73c3dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15887
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 608 B
576 B 1078ms
1078ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_HM_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260939&adxs=0&adys=14482&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=1600x15337&msz=1600x0&fws=0&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=3965975053&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f22df4425028e0bc0be31f6f5602e4ec54b910c6847c712ef039d2b606ce4709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 609 B
575 B 1197ms
1196ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_HM_Slider_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260945&adxs=0&adys=14482&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=1600x15337&msz=1600x0&fws=0&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=1163322708&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82b0364e8faf9bace6b5f1dd57153a63a4cc76a32749be3dbd8a6c382e22ac26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
14 KB 1463ms
1462ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2232719906608456&correlator=668708786362931&eid=31077231&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=1088475%2CTT_Desk_HP_Header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C300x250&ifi=8&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=13.58.185.233&abxe=1&dt=1693331260950&adxs=152&adys=21&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.telegraphindia.com%2F&loc=https%3A%2F%2F13.58.185.233%2F&vis=1&psz=1296x0&msz=1296x0&fws=512&ohw=0&ga_vid=356359995.1693331259&ga_sid=1693331261&ga_hid=501166661&ga_fc=true&dlt=1693331257891&idt=1699&cust_params=Homepage%3DHomepage%26url%3Dhttps%253A%252F%252F13.58.185.233%252F&adks=503494705&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b71fd460b6ae925dffa2ed87e9a531b1cff3ee728bc55821d46bad3d5aa8747d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://13.58.185.233
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E73E 52 KB
17 KB 143ms
41ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 40352
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 29 Aug 2023 17:47:41 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 311, 250340
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220093-FRA
X-Timer: S1693331261.072469,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame FEF2 3 KB
2 KB 152ms
54ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 591
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7fe69eddabb33a3d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Tue, 29 Aug 2023 21:47:41 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DAD1 15 KB
6 KB 46ms
46ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120970
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 29 Aug 2023 17:47:40 GMT
expires: Thu, 31 Aug 2023 03:23:50 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DAD1 2 KB
3 KB 143ms
41ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23342368&p=159328&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d77331b1bf5469f1dae8853c659d1be2b00063265816f40815ecdf6900e50ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:47:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FB5 0
121 B 140ms
139ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiXFiOy_uZLesK8u4x_AP1pGuqAsAAAAAOAHgBAI&bg=!LS6lLmHNAAYkVgHwBFY7ADQBe5WfOHuyQN8BQGZ_60iQhBBOadpvisMv-LnAcyEbH4yIfoTbiyzpfv2ynVM4I7G5bdItAgAAAKpSAAAABWgBBwoAt4nXT8rKRGbMst9RrdxUs0BZDj_iuUDvEnePyFB54EYXbS6h1Ntkm-JxPOQozhitGKYTtzFFMLM6kaIHw4kolmVVwgJHeB-E9glFOcDfyDWyMqkc23Bi8SpGXMCqeh4SR-wiNW64Ag3CplriDH_9rMr2bUalPMuJKY72Pp7u6h2e3mfpb0lbx11yx2ZtUMLNEvhpmYNBU9t0wjOyyw1B2AuHIZ5Ppr3saw-tMzD816fSOWqsoQLK7ZkCvaNZRv3LmjgtfXmIYafCSdL7T3cupItfkFquGKCbS2MJrHjmqN5OHcJ2V79ls7S-bxSCiiAX5-Oub3_PXxYxoZYHP-gMKRIdbqrlUS06SOYK87rWCAkjlJWmu8ORUW3GeRP-Q5TM-vU6TY4hCAkNSfl8KbnhAAgLQs9u-Q2l7h1GPT5dpcMwH95gv_RBpaUtftAJS_lOLxxjUkrUx5GZWAN-_2q78VaRpxLGhedKsHoNUieQaENrfXQAGHdMXNpPyRaZdpouCUtGahvqOoMr4G1AJoB5GrgKSzyXhS2hJohphOhlzijxULR69RwNw2VUm8V4lMrOJ69RbLOOACYvnwDM0bwaCr3gh1gB1cnmP7IHw1poq6AFIURjXRU5t0pU3UGVq-AkZsAXIr0oSunyqwCOsKXzh4ZsD-0BOqa67GMwZs52RWS-ye9x1K3lqUMSZcnUZC55tHVgD6n-IMy3NA2ENfZ79rADQFk_3dFZ68jEh5m5AiSxaAHy6x4-Yt_MKkt-whzkMewQJJVhwdSWDuP1Yki6UFS9_oQfe8FAZRR-cHq9lcpt3vxK5JU-wWGV1wbQV_4q9TxdAYC3k3Ka1K-vBHIN2B3pLRMMLNVTd5QepkzsIUGD-geMlmY_r2YUsQZqcB_cU7QN8DDS97bDwq5qCSZOaP4X9OshBJeMC34mWpuMe9jwam0A4vAZnkOanSk_0nhVIOoSSgv9u2nkEeYNUdpUUcUmsMoTwetfV5jX3t6i71CplKaTvaN5wfbhjm9OarEN2CeDYa161jImwtS5PEEyejSA3a0r_ItBuYJB0aSJdo86x2z3LRh6lu64NRlo8pFhggXKkVtZOAxjNFDMrEZJUGm7tRPwrd41QNL92lChEmOHMkC5bK_kzSz6BXNj18sX3IQ-AypyXVkl0y7t7bltk39Rii2chn_e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 17:47:41 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E73E 0
595 B 39ms
38ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
an-x-request-uuid: 94080356-f261-4c7e-8791-44f83266841a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame B1DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
818 B

59ms
58ms

Document
text/html

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7db93f7b1062491dda9d22c87075309401e6f2092f4724839b7d4fb16f3d82

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fe69edeafb22c46-FRA
content-encoding: br
content-type: text/html
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIT9EWVksI3DO7ItyYT8%2Fr6chU69t5mGbZX1L732AYIKmrMgV%2B6K7JWtjmXVz5Vpy9juQsvKBrLfc1gqtnQludlaBjRkQNd6Gu29ibrNFoUPCs4gsPCO2MyGH1CsTJnwGTWlC3eyeNga%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fe69ede5f202c46-FRA
content-length: 0
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF26gwGjmUWtM5AeMOO6NItD5kl0GqiZ6AfKxRsh5VKy66SjBKs9YyuVJfLncgHLkqMNHJS%2F5WYB6%2BqB0s35mXprdsubnVl%2FC7y2v8olUOIh0ymcaLhsLeEcB3wrGjppfs0xk7qlfC0jGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F39 13 KB
5 KB 44ms
39ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:25:54 GMT
expires: Wed, 28 Aug 2024 08:25:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B09 829 B
1 KB 142ms
48ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b457c268b77dd74cee814e1a0bcecca9f79f81bc3dc1d654e173ec2f51cb2130

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-du6FaeXvbU86ENHj8koRRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-du6FaeXvbU86ENHj8koRRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Tue, 29 Aug 2023 17:47:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E9D1 43 B
363 B 164ms
51ms Document
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:47:40 GMT
expires: Tue, 29 Aug 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 215694
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 1EB2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

229ms
229ms

Document
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Aug 2023 17:47:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9MVXNCR2RY8AQSFR6M6P

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 29 Aug 2023 17:47:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: VPN410EDCYTMXWGMNQRE

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8A43
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs

42 B
421 B

179ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DAD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7U8tuOGQSwegkj1Ey4QFbw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

44ms
44ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=120969
accept-ranges: bytes
content-length: 5606
expires: Thu, 31 Aug 2023 03:23:50 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame DAD1 49 B
266 B 181ms
57ms Image
image/gif 52.31.175.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.104
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame DAD1
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3080314654
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=ED4F2DB8-E190-4B07-A092-3D44CB84056F

0
284 B

137ms
48ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=ED4F2DB8-E190-4B07-A092-3D44CB84056F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
via: 1.1 google
last-modified: Tue, 29 Aug 2023 17:47:41 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=ED4F2DB8-E190-4B07-A092-3D44CB84056F
date: Tue, 29 Aug 2023 17:47:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame DAD1
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ED4F2DB8-E190-4B07-A092-3D44CB84056F
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWIxU21reC14TE1SQmlrdUYxbnNtbndPUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=1460623923873259275&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

180ms
179ms

Image
image/png

54.198.150.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: HTTP/1.1
Server: 54.198.150.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-150-240.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 17:47:42 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 29 Aug 2023 17:47:42 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DAD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUQ0RjJEQjgtRTE5MC00QjA3LUEwOTItM0Q0NENCODQwNTZG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

163ms
47ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DAD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCs-X7A7P0dh7hWXvIxTpg&google_cver=1

42 B
347 B

164ms
48ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCs-X7A7P0dh7hWXvIxTpg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCs-X7A7P0dh7hWXvIxTpg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame DAD1 43 B
610 B 150ms
44ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 28 Aug 2023 17:47:41 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DAD1 70 B
264 B 59ms
58ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DAD1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1460623923873259275

42 B
472 B

159ms
42ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1460623923873259275
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1460623923873259275
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ED4F2DB8-E190-4B07-A092-3D44CB84056F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DAD1 43 B
426 B 193ms
68ms Image
image/gif 2a05:d018:d29:3605:999f:1d55:f8df:b156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/ED4F2DB8-E190-4B07-A092-3D44CB84056F?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:999f:1d55:f8df:b156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame DAD1 0
125 B 468ms
329ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ED4F2DB8-E190-4B07-A092-3D44CB84056F&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F39 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 17:24:05 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame E731 222 KB
62 KB 171ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 19:22:21 GMT
age: 599120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E731 15 KB
5 KB 271ms
142ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 10:00:11 GMT
age: 546450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E731 94 KB
28 KB 248ms
120ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 05:50:45 GMT
age: 43016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E731 5 KB
2 KB 270ms
142ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 16:22:50 GMT
age: 5091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame E731 40 KB
13 KB 263ms
135ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 10:05:13 GMT
age: 27748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 10:05:13 GMT

GET
DATA 200
OK truncated
/ Frame E731 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f8dc20470e4285244e553a7042ae687d4f50ec039786dce0c0efc33881bd8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11495644488572161909
tpc.googlesyndication.com/simgad/ Frame E731 64 KB
64 KB 42ms
41ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11495644488572161909

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6401f7470ab74bbf1b377d8d7894b9cf6f83f61ba01f7da0120efeca0409f3a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:39:29 GMT
x-content-type-options: nosniff
age: 288492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65573
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 06:45:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 09:39:29 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E731 2 KB
2 KB 57ms
56ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58812
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Aug 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E731 295 B
319 B 59ms
58ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 8782
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Aug 2023 15:21:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E731 0
0 48ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-E43VrO4E3XamhpqlFoCwr9cD9JkITyz8V61aJbZWkXdhZyQlF_qWl9uKaLvIiz5uCC8psYwGV2PhfN2yFDQHbhuJ6A
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B1DA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

130ms
129ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 17:47:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 215Z892ED4ETV25QC0RW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 17:47:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FAVBTV4XHMYYK94QB8D3
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B1DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZO4vPSPiSc1qKW.Sc32wgAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOUKzDBw9HM_uB61yu3wuok&google_cver=1&google_hm=2

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOUKzDBw9HM_uB61yu3wuok&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 17:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOUKzDBw9HM_uB61yu3wuok&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B1DA 70 B
264 B 59ms
58ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame B1DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO4vPSPiSc1qKW-Sc32wgAAAFLAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ2fuokG-ro2X-2UDx8sqrk&google_cver=1

43 B
774 B

56ms
56ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ2fuokG-ro2X-2UDx8sqrk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhEMx0O4HAl2q%2BuIN2ZoLDAxqpOOOoGtaFYJ1FGknfkE6dCDH4P2gQNTRHfIv2tTPUZESdICq%2FB6wNduQD4fsMTP2k%2F%2ByA%2FdOvu1KktKqjixwezBEySdfcBUUCccU7oMS1m%2BpOBjB9uMlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fe69edf7d341e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ2fuokG-ro2X-2UDx8sqrk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B1DA
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8336458625835832832

43 B
632 B

152ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8336458625835832832
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 17:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
an-x-request-uuid: e2b30b8f-7d18-48ec-8561-265aa6001eed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8336458625835832832
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum.casalemedia.com/ Frame B1DA
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693417661

43 B
328 B

72ms
55ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693417661
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7W9%2B%2Bqcqxz8YZega5pkKpt2sv6C2YLAroLfrOrm6SenPUdMqbc5zXJ%2BKBu2Y8dhByZ6H2QVbBt%2BLWBIQLQwvM6F4pID23fSjB6o7klSOc58Qb4cRboeRIA3xey7K9WdeTMSXSb9"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fe69ee07a732c46-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1693417661
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame B1DA 0
0 153ms
54ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B1DA
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9131303406352279264

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9131303406352279264
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 17:47:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9131303406352279264
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B1DA 43 B
353 B 146ms
48ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZO4vPSPiSc1qKW.Sc32wgAAA%265296
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2F13.58.185.233%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 83320
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe69edfce1037fb-FRA
content-length: 43
expires: Wed, 30 Aug 2023 17:47:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7B09 0
0 134ms
133ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=2232719906608456&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F39 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-oN1zw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 46ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 17:47:41 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 102
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693331261.494231,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 27
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 791

GET
H2 200 / Show response
pips.taboola.com/ 64 B
244 B 154ms
41ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: db60cd2e74c553d9869d22a4166722e878e5d1613b3f92583d87cd0ef5fa6d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220065-FRA
date: Tue, 29 Aug 2023 17:47:41 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://13.58.185.233
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E731
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

144ms
54ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Redirect headers

date: Tue, 29 Aug 2023 17:47:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 container.html Show response
12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9EE9 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Wed, 28 Aug 2024 17:47:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E731 0
0 85ms
85ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ceze6PC_uZNT2O7Gx78EPv-SyiAuS2u2ba52w58LCDsLrwNCaKRABII2h9x9glar1gZQHoAH87syWA8gBA6kCLAj9bDMhsj7gAgCoAwHIAwiqBJICT9Df5auQraU7W0aEiF0VAUSSsNypZv7wtdhsf_Xy23C8fzEESi1qWdVAyxeJIR15X7hpmtYy6nkPILdSO0H7ZCVLstpUJfRISbdnVt_xrEJM7ZDGlRy9ErK4-E2eMeA1HMarZ-RQ3XeBu3luUuJ9yy48B0oOXYzS12siITlK6F8_oXwnakHGYhjb3ayT1dqN_SXS4KsDDFnBbMHoUY2HBMQBmvrFwac415T9nr4R_hWNeoaHXrQ-9gREYnnNk9_tgxOuiNusTsfk94Xlf6bg7663jh_duul9HVqeI44oP4WaHRFw8Gy2-sVIJikVlLIPxoHfoXTVi_ls-Exb_UojNO3C-jwCCpWMxMxiw0IYIIU0ecAEkNaovfID4AQBiAXL8v6vNpIFBAgEGAGSBQQIBRgEoAYDgAfskLNpqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpqQG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vcm9wcGVuaGVpbS50aGVzdHlsZW91dGxldHMuZnIvZGWACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTEwNDQ1NTI1MTIxNzg2MBir8go&sigh=bVeyu-TbgoM&uach_m=[]&ase=2&cid=CAQSPABpAlJWLpbYv_5iZuyDM7lLTMQqhERier53sqsIkWZgoquikPdIQMUUIaH68y_USj6poIwXAE1VaMLLxxgB&cbvp=2
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 9EE9 2 KB
662 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 16:03:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 17:47:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 9EE9 2 KB
892 B 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 14:00:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 9EE9 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite_fy2021.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 9EE9 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 562F 1 KB
643 B 43ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 9EE9 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9EE9 0
0 52ms
48ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStNvujwWAtS0rMfyQG8kCqghvFdUj2Ke7zaMU3ie_K_w3fqZN-DUIhD-bX7kvaEUPhG1rrWxyTSmqQSD0gg77UqTJynQ
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EE9 181 KB
56 KB 85ms
79ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 17:47:41 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 9EE9 36 KB
15 KB 135ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE9 24 KB
24 KB 189ms
76ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQu8hXor3cc2zpvpftjb7TRIcrntFO3mAY6nY1ojfW6JIZ8ReZ0Fgd7mJJrw4s&usqp=CAI

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10e9c0a651b1fb3dd5d6e680b997a0719adadb544993ffe0b4a89b40f3c85a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:21:04 GMT
x-content-type-options: nosniff
age: 12397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24678
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 07:35:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Aug 2024 14:21:04 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9EE9 21 KB
21 KB 152ms
40ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQCSAKMkhuFzM7cc4dohWO8hqoMnzgzQrKu3taC-OrrEPRimtBt5W6EdA7LTA&usqp=CAI

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288af7de15bb3a0231c414b28a3c9af8ba69536a6a119579ffe44e7247154e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 02:38:18 GMT
x-content-type-options: nosniff
age: 313763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21449
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 01:32:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Aug 2024 02:38:18 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE9 17 KB
18 KB 149ms
42ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQUiL7pQ3TnB_1lz-tJIEKk8LPYzdInrnZslU3TdvdP0CzXRlfe-QmhuLEx2lU&usqp=CAI

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e8854a33bce82e882bf452a0fdc3fe3ce85f0ebaccfd0d7c2eddc89c4fdca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:19:35 GMT
x-content-type-options: nosniff
age: 300486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17847
x-xss-protection: 0
last-modified: Wed, 01 Apr 2020 11:42:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Aug 2024 06:19:35 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9EE9 34 KB
35 KB 150ms
44ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQzObVFD0IWd8dCQHFoksfqmqMMVvwm_V--gZn1F9LwZ0vTSf45awmF22IgIg&usqp=CAI

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a48b50c4347ea57e67c362ce73337ab69f7fb797dd7ec05522678c2612a3bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:00:50 GMT
x-content-type-options: nosniff
age: 305211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35025
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:11:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Aug 2024 05:00:50 GMT

GET
H3

200

16029425320012453748
tpc.googlesyndication.com/simgad/ Frame 9EE9
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDns_i1XBD1BRi-ATIIkxWUa1Mfghs
https://tpc.googlesyndication.com/simgad/16029425320012453748

43 KB
43 KB

41ms
40ms

Image
image/png

2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16029425320012453748

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce442541f7b949c22e1a99ca413d8ca7d1217d2d6e748daa0500e7a6a445859a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 23:40:39 GMT
x-content-type-options: nosniff
age: 324422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44041
x-xss-protection: 0
last-modified: Wed, 02 Oct 2019 13:50:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Aug 2024 23:40:39 GMT

Redirect headers

date: Tue, 29 Aug 2023 15:53:19 GMT
x-content-type-options: nosniff
server: cafe
age: 6862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16029425320012453748
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Sep 2023 15:53:19 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 390ms
113ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=91b5ad32-e399-4066-b1ef-352b4e18f220-tuctbe7b4bb&uad=3992ccb3af03535e9a36522b5bdab5c153ee264de529da6bb1eea9fcfa654abc&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 17:47:42 GMT
cache-control: no-store
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 562F
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOGs3e13Bl1f77sCX8eff6M&google_cver=1&google_push=AXcoOmSRmhrfRmsG-gsBwuX9ErJE9_SneaP_CXTBFeaaHAtMYm4hxLdb3S...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRmhrfRmsG-gsBwuX9ErJE9_SneaP_CXTBFeaaHAtMYm4hxLdb3SsZCUvtgHh6RFZPB_lGjgj-kIatzRLC0GULe0rch_c&google_hm=YI3z2vKkJfAmY...

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRmhrfRmsG-gsBwuX9ErJE9_SneaP_CXTBFeaaHAtMYm4hxLdb3SsZCUvtgHh6RFZPB_lGjgj-kIatzRLC0GULe0rch_c&google_hm=YI3z2vKkJfAmY75tda7z5g

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRmhrfRmsG-gsBwuX9ErJE9_SneaP_CXTBFeaaHAtMYm4hxLdb3SsZCUvtgHh6RFZPB_lGjgj-kIatzRLC0GULe0rch_c&google_hm=YI3z2vKkJfAmY75tda7z5g
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 562F 0
103 B 55ms
45ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDDEjkjVJDV7NOTDODrHzL8&google_cver=1&google_push=AXcoOmSd_hJWBFXw5OLLHRx2s88VCNj0Fbxl9Q53jT95qUSg4mUoUMeBvSRCrxrZ7fCey_2V_vhVWpwm_i5aOkR5PE6_t3g1RYk
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 562F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEL7vXucA6Cm6jPcdy-Czgew&google_cver=1&google_push=AXcoOmTfTWHBoHaoM4RtwEeY_63G4-KSOHWyspX8l4wu51cDNPslEWlG3xH6ZGetB4SHCycK28iZCZvuHCFcbaeY...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTfTWHBoHaoM4RtwEeY_63G4-KSOHWyspX8l4wu51cDNPslEWlG3xH6ZGetB4SHCycK28iZCZvuHCFcbaeYKstfuAemINU

170 B
188 B

52ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTfTWHBoHaoM4RtwEeY_63G4-KSOHWyspX8l4wu51cDNPslEWlG3xH6ZGetB4SHCycK28iZCZvuHCFcbaeYKstfuAemINU

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 17:47:41 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x16 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTfTWHBoHaoM4RtwEeY_63G4-KSOHWyspX8l4wu51cDNPslEWlG3xH6ZGetB4SHCycK28iZCZvuHCFcbaeYKstfuAemINU
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Aug 2023 17:47:40 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 562F 70 B
264 B 60ms
58ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENpLOvmA7iWg4ZcQLcUShdY&google_cver=1&google_push=AXcoOmR3S23633bZ9Asi7LgRMJKoA5zgfXExWr2ENzT1f0C9kt2ExGMD9_rwBdHzkCHV7XZzXl51ySFFaYEAKkhoglHhqL716Iq4
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 562F 43 B
245 B 154ms
48ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEN_SrMeGKpquB3NYJA8Z10U&google_cver=1&google_push=AXcoOmT-pcYEsNtoYRmireXQ0-Gy9bTg6JkdchawztAjHBGGx4FjUjJqZJB7kVHQaLUiAAPbkum66tXjAaiYUtHmsL1V09LX1gk
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 562F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELZveBckj0Q9kJu5FSetQVs&google_cver=1&google_push=AXcoOmRJ0rx8pVinrZlt_zGMdta-6JoqsZ-UB8ppa4Res1uXLPQBJn6B_cgUm6HlmomukB8UgPy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXTFBOU00tRi05QlI2&google_push=AXcoOmRJ0rx8pVinrZlt_zGMdta-6JoqsZ-UB8ppa4Res1uXLPQBJn6B_cgUm6HlmomukB8UgPyhZTRn84hipOnuWZgLcBMagqVi

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXTFBOU00tRi05QlI2&google_push=AXcoOmRJ0rx8pVinrZlt_zGMdta-6JoqsZ-UB8ppa4Res1uXLPQBJn6B_cgUm6HlmomukB8UgPyhZTRn84hipOnuWZgLcBMagqVi

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXTFBOU00tRi05QlI2&google_push=AXcoOmRJ0rx8pVinrZlt_zGMdta-6JoqsZ-UB8ppa4Res1uXLPQBJn6B_cgUm6HlmomukB8UgPyhZTRn84hipOnuWZgLcBMagqVi
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 562F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAyRcwCTAzWz-8ZBZ9PRWGo&google_cver=1&google_push=AXcoOmRzJJxYcyu5Uo40iqf9W6E0koPNkko1o5d7jJy1odT9pNqS5RLyA4zGB42m2EVEsGJICkNDgAO8aoGR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRzJJxYcyu5Uo40iqf9W6E0koPNkko1o5d7jJy1odT9pNqS5RLyA4zGB42m2EVEsGJICkNDgAO8aoGR3AqhTqZ6SkhHbf0

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRzJJxYcyu5Uo40iqf9W6E0koPNkko1o5d7jJy1odT9pNqS5RLyA4zGB42m2EVEsGJICkNDgAO8aoGR3AqhTqZ6SkhHbf0

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRzJJxYcyu5Uo40iqf9W6E0koPNkko1o5d7jJy1odT9pNqS5RLyA4zGB42m2EVEsGJICkNDgAO8aoGR3AqhTqZ6SkhHbf0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 562F 0
12 B 50ms
48ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kobv7FiHpq6ACbn6iyYNLDnVi75bdT5PxBu3E22aU5TzgEyaxaJ3XwqLd2Ri7QxXE4giNs

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9EE9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69eb9b5be406d57a9040f797f2f852dfc3852e5924c921ba526622fad8bb47cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A389 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13.58.185.233/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Wed, 28 Aug 2024 17:47:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9EE9 20 KB
20 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 297148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 07:15:13 GMT

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 76ms
75ms Preflight
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C6xUnPS_uZJ6fDPio78EP_v2TuASXmISucq_psIelCmQQASCNofcfYJWq9YGUB6AB9dW7_QLIAQmpAiwI_WwzIbI-4AIAqAMByAPLBKoEkwJP0H5W1r0sgB05rEn9t9VmiwRRSKfmTmKsdqvyX2sislMo8nMYz8hHIX2tsr0bmxUIvkudchL6mfKpmTHUVmFRMPoyOj4Q4KO9G6g-Aw9PSo3TTlByA7NhfdieAS0LI_y0Fn9sgonxJf0wshrwr6ZnGqryV00tfXeDFVciU_92_VFf_EDnaV6qvIxGsVFiXkoPmfkTcXeotFUBvELMXilq8Gg9xe0ycXGUVIee_FNNaYC0vBCCaR7YPwI6o0Hp_yZ72t-TvykuZlInziy68urBHoeAul6QzfPoNNX6knA_aL5RZJeW64h1iGwoUDe21aVzEDjE_VqhoP5puEBT3cKQupZfn4WmSdumWwUMsoVIWBASB8AE6OnMlrwC4AQBiAXWw8XfGJIFBAgEGAGSBQQIBRgEoAYugAfzqcSCAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCjwgXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkiaHR0cHM6Ly93d3cuc2Nvb3Rlci1jZW50ZXIuY29tL2RlL4AKA8gLAdgTC4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTA0NDU1MjUxMjE3ODYwGKvyCg&sigh=--P9v9HDJdE&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWytRfI4QaH18ZhB9bE76M2HnAVSAH5APdkf18Th7sHgCgkZpKzyJOYqDpenzX0F6vCk3PLNrylhgB&template_id=494&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:47:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9EE9
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C6xUnPS_uZJ6fDPio78EP_v2TuASXmISucq_psIelCmQQASCNofcfYJWq9YGUB6AB9dW7_QLIAQmpAiwI_WwzIbI-4AIAqAMByAPLBKoEkwJP0H5W1r0sgB05rEn9t9VmiwRRSKfmTmKs...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214228851006016706282%22,%22debug_reporting%22:true,%22destination%22:%22https://scooter-center.com%22,%22event_report_wind...

0
0

259ms
137ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214228851006016706282%22,%22debug_reporting%22:true,%22destination%22:%22https://scooter-center.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22799992565%22],%224%22:[%2208-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221218660060169534177%22}&andc=true

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14228851006016706282","debug_reporting":true,"destination":"https://scooter-center.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["799992565"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"1218660060169534177"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 17:47:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 17:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14228851006016706282","debug_reporting":true,"destination":"https://scooter-center.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["799992565"],"4":["08-29"],"6":["true"]},"priority":"500","source_event_id":"1218660060169534177"}&andc=true
access-control-allow-origin: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2CE1 187 KB
58 KB 230ms
114ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO4vPQAHIJ4CO8-mAAgtrvjQsREi31QZOZvh1g&u=%7Cr%2FRrmP1EZXe3FrRSTRMYXWgpJSuLij1rwC6MXEgJY%2Bw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku46uZqnm0IDQE0mgmeM1aUcn0pwl7nLc0l3qJR2nUlYyr-bGVJn68ZH4qPvylDNtTvS6SXp_FhZFSuZ5oqsipCrbxy1oriZ1VPhTwVz5g6YcsP1nAFkFBnydrBEGqClgy5uR5mOON6Ndb7FO955S-G9zZo6dSX6fOQcdJMNHHFacLRMU5GYCH9e3YKZDLBn9ChPRC93anarLAPds_2EU5Tip3tfkOB1fIHNQdTj22jZMbCuHcM_AIN_OpbmOdnY2STpP7LTk9wTkwmm2FY2ih_SuNzeBDeaUHPdJo8MI-faM3i70voJeoF3otqyGOPp8G7m_drnuLgpzm2gSIK2xMe8FNiImVDwNAFSMrIxsAu-sNzTSHU57uyyVi5azGKnKTlK4YiY3XbO2zqNdy6cInKdt1AFp4lRtzJVgY1y7-H-AHTOcmIBYggTV485PskN3hxf1AwHNEfr-g1P07SWrGQq5-2hyYZeD83zZ-ByO8hkUkEp-8uyzfZF74SbLF0l-sgi3t2yrjHd1VrXcSxzdDGdIQHQWhMz7LD5fldhvZ-CGILI9t3nAQbQnF5i8KxLo7x75LShn58K5XV-0h-Pno7eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTNklPS_uZJ7BHKaf78EPrtug0ATJntKxXNWdkfdwwI23ARABIABglar1gZQHggEXY2EtcHViLTcxOTcwNTkzMjgyMTAzNzfIAQmpAiwI_WwzIbI-4AIAqAMByAMCqgSgAk_Q7L9iBCqtCBt8PMGAxKRP_i20HTqhABK2xyNkAeBWj6itvf_eBUDa28EHTvgIiVrvu6wxvkpC4a1VdK3VTU3PSe-HKQaKgnTBko1C7zCe4G1UPknBH41cO6nQ0rqYFVCZabV5UoAMqn2bHWrTIii82R1i7bwPEPhCzo8_PNK9_gCLprvcsQzy3Nf4M24PY5Rv3kKmIeI81wz8KWuuOHPvttBN9VaKuSpWkaPr7QjH-SaBjLfnQ-3wITO-UZNoRqzcOksOFRHbpSph-Onb0gGMXVc1x_32oHo4zAlB463vsOprJU1QwBpVoHXmIiv5cWLiDebKgMB3sjisoe2xpK-p2sheuzxeENfIE5NfOwrU50ezapmQdA_h679IU79sQuAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GtzOtHmT0Jo2_C4Uz6ReAxpiyhg%26client%3Dca-pub-7197059328210377%26adurl%3D

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d06cdb19a6e9b02f560be6ba16e23f091a053742a594342e955f1f1a27667ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 17:47:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=r_rxXgNGjkx_anGHgD-QtdgOQEpiytQ1IlaMtpT0iCL5XpSTm_efQz7TTL5KaSvttupxBX4dHphE20g7gIWhIF5pPnSvLKtGBvQJ7nTj9hUmxYEGmY8ayftaejbHm_-ePFYeFjdFl6QTR3mP2DGLVr1qN-axmWfT0-iNJsKN9siNbJfbpD1GwLBUtt-pBvCoyCEfFVCAzuBVzCz-0Ss7cjvB9KIc7tPDbbMgZofsr_KG4UEvthnODg3HdKe9ayPXiUztvg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61120112
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A389 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8CE5 1 KB
643 B 42ms
41ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A389 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:55:11 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A389 24 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 07:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 26 Aug 2024 07:32:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A389 181 KB
56 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 17:47:41 GMT

GET
H3 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame D659 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 17:24:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 141ms
140ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=2232719906608456&bg=!QUKlQg3NAAYkVgHwBFY7ADQBe5WfOPq43rm4i5mHsyZHabWun63cL1crf2d1wW9LPcmxRtsZ23WLOTK462I_HJks9OjNAgAAAGBSAAAACWgBB5kCvjj5_pffkLmajVZ7Mxs69k2Me6rD7Fe8W5gPdjZQKGh1lMntegnhP7kiu1kTkBe7ZhwfUEBDqlYp-CktDBqVmEf_j0nHc79Rl1dksJ3RKx2uO0651Spc9HlDVklDXGyvuv032F7zOH3RIT-3wIZWOPhyxPKSq0vqnyfVESJ3pVF0cNCpr1PKZqt0AZQhv-lX90hQHd5V08sKdRvZIxca_FmFJTFUgOsppTiiLePxSCpm2R9liIo78G6V3ysNEgqsI2teRCqtS3kXmJru1HdvLrRhZ1hjeUTujfGGqwDUV-IlvTdpv-6Zh-bP1Jq8wVNqMROnAwjwWISnwjFJsQAaRZpoZPywmffk3_ncEqpaeKzLatbRrU36kF0VYXZrxD94LgW0bIrXx9gaQTBO0sN2Hd1RctVeNUk3aic-Q6587RbBlqsnIFmX7PhMCPWG-jE9_B5cV34MEev4mCfO8r0wVMIUaO3Lftw3gTO3tyu8i_xOtBa3_L9Qk9n2Gvf4Jd0tXMe5IbGjjUb5lMkCRgTg7_I1NSjfFi9a4KiYGEV9mxMzbEJWXh8R6OHpJbGJ-MHtL4FE6PdVOK8Z92UcOILqUz8y8enWY0NPMqSsWgRPXhlG5TTdiZAg2BuiFPjdHXxwUqA0uQQcE1rerHzfNT1Dhprjn9l0usH7nFo5ehmAbmu_0iLH24EIQLGmzhuvgrEYXXkmQPu3kTxkVZ957Zwq34QKBrsBk9IQ4GJhiDXaWIoI-tM9S-BUlCclR3tnkj8u_63VFfAyaQ7ktDOMCNSB6sdiQemySkYAZPvonK20itQY5P72ZnfDliHru5L6EAdLKlVp6028ju512Bsbbu8wDrphDdQYCyN65Yk-Ntt2TzjCtgp8HzJJqDcyDeVL9E967lYdC1pFUWBycGS3bZI9dLWUKDwgdmLg8DhJQg6twg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8CE5 0
103 B 46ms
45ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN6kA8g1kBUpFbwerlYxlVk&google_cver=1&google_push=AXcoOmQHTo8HtdqbfrkjyYfNYSA3KhMSAx4IIM3YIE9qMW4P0Vm7pmRxbEytdX3KE2_4jK-Fb1FsOQ7ADL-5yOrsK-nENtvjLsy5
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJujwbk2gIq1S9Hmic0KWvs&google_cver=1&google_push=AXcoOmQQ7QulBYCHYKZdKMd0Z8cRB5XN58XASyn5qCkdPfW1ZpcxZu7yIDK0BtUYc7uKYvD_VcajtgJ3PfvtwLm0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQQ7QulBYCHYKZdKMd0Z8cRB5XN58XASyn5qCkdPfW1ZpcxZu7yIDK0BtUYc7uKYvD_VcajtgJ3PfvtwLm0KU7FjWF3eOli

170 B
188 B

54ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQQ7QulBYCHYKZdKMd0Z8cRB5XN58XASyn5qCkdPfW1ZpcxZu7yIDK0BtUYc7uKYvD_VcajtgJ3PfvtwLm0KU7FjWF3eOli

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 17:47:41 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x31 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQQ7QulBYCHYKZdKMd0Z8cRB5XN58XASyn5qCkdPfW1ZpcxZu7yIDK0BtUYc7uKYvD_VcajtgJ3PfvtwLm0KU7FjWF3eOli
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Aug 2023 17:47:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA2hq0KiGteh6Qa4knNmg0g&google_cver=1&google_push=AXcoOmSLJsvM24WSey8kpwPH7mes6hJyTXPaLOHiOImn4tT3jx34oGW-o-q-jv67HgpGAORC6ntLD3RPiuK85A...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjgwMjM5MTU4NzAyNzA5MA%3D%3D&google_push=AXcoOmSLJsvM24WSey8kpwPH7mes6hJyTXPaLOHiOImn4tT3jx34oGW-o-q-jv67HgpGAORC6ntLD3RPiuK85Ap4W4...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjgwMjM5MTU4NzAyNzA5MA%3D%3D&google_push=AXcoOmSLJsvM24WSey8kpwPH7mes6hJyTXPaLOHiOImn4tT3jx34oGW-o-q-jv67HgpGAORC6ntLD3RPiuK85Ap4W411uYXj6XoX

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MjgwMjM5MTU4NzAyNzA5MA%3D%3D&google_push=AXcoOmSLJsvM24WSey8kpwPH7mes6hJyTXPaLOHiOImn4tT3jx34oGW-o-q-jv67HgpGAORC6ntLD3RPiuK85Ap4W411uYXj6XoX
Date: Tue, 29 Aug 2023 17:47:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED0J8lOxP8hUvdaIXkdeN_I&google_cver=1&google_push=AXcoOmShG4G1fxkoEQF7HRa3zPlzOytDeHnsHARAGqyL2_HQdHaMp6FHOLoEu1ymRmfdN-uKehSeGxjXo-DkrwS8TrAs1gG...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmShG4G1fxkoEQF7HRa3zPlzOytDeHnsHARAGqyL2_HQdHaMp6FHOLoEu1ymRmfdN-uKehSeGxjXo-DkrwS8TrAs1gGtCu9A&google_hm=eS1RcTg4VzN4RTJwR3haVV...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmShG4G1fxkoEQF7HRa3zPlzOytDeHnsHARAGqyL2_HQdHaMp6FHOLoEu1ymRmfdN-uKehSeGxjXo-DkrwS8TrAs1gGtCu9A&google_hm=eS1RcTg4VzN4RTJwR3haVV80YjZfc0k0YmVmbEpLYWZBOH5B

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmShG4G1fxkoEQF7HRa3zPlzOytDeHnsHARAGqyL2_HQdHaMp6FHOLoEu1ymRmfdN-uKehSeGxjXo-DkrwS8TrAs1gGtCu9A&google_hm=eS1RcTg4VzN4RTJwR3haVV80YjZfc0k0YmVmbEpLYWZBOH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CE5
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-8ee2a696-ec74-411a-a479-0d9161cd442e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRJPEX2nqknx-EQ-ZK3-...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE&google_hm=A47ippbsdEEapHkNkWHNRC4

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE&google_hm=A47ippbsdEEapHkNkWHNRC4

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJPEX2nqknx-EQ-ZK3-18826yRpdk-ItVGXAp_lsSJ1thu9HjPkOXD7Fw20v-J82htbpuoiJVQen9I2kVKQ1xUPKqJXTCE&google_hm=A47ippbsdEEapHkNkWHNRC4
date: Tue, 29 Aug 2023 17:47:42 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8ee2a696ec74411aa4790d9161cd442e003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 8CE5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE24zGlgERySGWNiflzremU&google_cver=1&google_push=AXcoOmRbn0sh3tqK5rX_t7wAuhgQKP9f_hFOIcWeXrrj9RISGcM_PLNcrfglIQQX2hgLPmh_1btMTdGVz7b...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRbn0sh3tqK5rX_t7wAuhgQKP9f_hFOIcWeXrrj9RISGcM_PLNcrfglIQQX2hgLPmh_1btMTdGVz7baGT_t7abrPWtBK3gOgQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

40ms
39ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 8CE5
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELBmrba-g7Og...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS9focr_SupuN9cVb9ug9Gl_ADpQeI2PGuDeyfNdHeLJoLDbh__eBgCWrePsghCoPKAtlhz9sKFUrPAoU3ktFGoa1oJ-JXYPw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

71ms
71ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Tue, 29 Aug 2023 17:47:42 GMT
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8CE5 0
12 B 48ms
47ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLeUQjoDBRZJJVWtbNMyYx0fAdMJLLTXaVkVYE-wXeVWLMijU0osF1-FjPLNHDvqjZoX8DA8Q

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame A389 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87e60ff5d9a772ec5e68097463e3f5f065d412a6084bb8d975b4e71405cc3e01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A389 0
0 86ms
84ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqwbkPS_uZJ7BHKaf78EPrtug0ATJntKxXNWdkfdwwI23ARABIABglar1gZQHggEXY2EtcHViLTcxOTcwNTkzMjgyMTAzNzfIAQmpAiwI_WwzIbI-4AIAqAMByAMCqgSdAk_Q7L9iBCqtCBt8PMGAxKRP_i20HTqhABK2xyNkAeBWj6itvf_eBUDa28EHTvgIiVrvu6wxvkpC4a1VdK3VTU3PSe-HKQaKgnTBko1C7zCe4G1UPknBH41cO6nQ0rqYFVCZabV5UoAMqn2bHWrTIii82R1i7bwPEPhCzo8_PNK9_gCLprvcsQzy3Nf4M24PY5Rv3kKmIeI81wz8KWuuOHPvttBN9VaKuSpWkaPr7QjH-SaBjLfnQ-3wITO-UZNoRqzcOksOFRHbpSph-Onb0gGMXVc1x_32oHo4zAlB463vsOprJU1QwBpVoHXmIiv5cWLiDebKgMA1sBk-JmIttxA1zmuOhpqmGcPCpZlxI4hgL3oVmCaOWBdkQTtb7OAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03MTk3MDU5MzI4MjEwMzc3GKvyCg&sigh=juY-VVWDKrk&uach_m=[UACH]&cid=CAQSPABpAlJW868d9jmKM_hs_9zgOTj0-5La1Mvq8S1K6pRVI1OAszMnSkW64vW_gIryJpAkawPlYy1snSOYxBgB&cbvp=2&vis=1
Requested by: Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame A389 0
126 B 159ms
45ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF-v_CsoH-gGdg2ICAgAAAL6VXHDOO79Cuy11eWkaN7AQPS_uZNSQ9byDd9wT7j0AABIAAAoKQVFVQkFRRUJBUQ&wp=ZO4vPQAHIJ4CO8-mAAgtrvjQsREi31QZOZvh1g&cbvp=2

Requested by

Host: 12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 171742
server: Kestrel
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 243ms
145ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:47:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E73E 0
595 B 64ms
63ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
an-x-request-uuid: 01854fc5-de4b-436e-8715-ed85e7f626b3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2CE1 2 KB
1 KB 139ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO4vPQAHIJ4CO8-mAAgtrvjQsREi31QZOZvh1g&u=%7Cr%2FRrmP1EZXe3FrRSTRMYXWgpJSuLij1rwC6MXEgJY%2Bw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku46uZqnm0IDQE0mgmeM1aUcn0pwl7nLc0l3qJR2nUlYyr-bGVJn68ZH4qPvylDNtTvS6SXp_FhZFSuZ5oqsipCrbxy1oriZ1VPhTwVz5g6YcsP1nAFkFBnydrBEGqClgy5uR5mOON6Ndb7FO955S-G9zZo6dSX6fOQcdJMNHHFacLRMU5GYCH9e3YKZDLBn9ChPRC93anarLAPds_2EU5Tip3tfkOB1fIHNQdTj22jZMbCuHcM_AIN_OpbmOdnY2STpP7LTk9wTkwmm2FY2ih_SuNzeBDeaUHPdJo8MI-faM3i70voJeoF3otqyGOPp8G7m_drnuLgpzm2gSIK2xMe8FNiImVDwNAFSMrIxsAu-sNzTSHU57uyyVi5azGKnKTlK4YiY3XbO2zqNdy6cInKdt1AFp4lRtzJVgY1y7-H-AHTOcmIBYggTV485PskN3hxf1AwHNEfr-g1P07SWrGQq5-2hyYZeD83zZ-ByO8hkUkEp-8uyzfZF74SbLF0l-sgi3t2yrjHd1VrXcSxzdDGdIQHQWhMz7LD5fldhvZ-CGILI9t3nAQbQnF5i8KxLo7x75LShn58K5XV-0h-Pno7eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTNklPS_uZJ7BHKaf78EPrtug0ATJntKxXNWdkfdwwI23ARABIABglar1gZQHggEXY2EtcHViLTcxOTcwNTkzMjgyMTAzNzfIAQmpAiwI_WwzIbI-4AIAqAMByAMCqgSgAk_Q7L9iBCqtCBt8PMGAxKRP_i20HTqhABK2xyNkAeBWj6itvf_eBUDa28EHTvgIiVrvu6wxvkpC4a1VdK3VTU3PSe-HKQaKgnTBko1C7zCe4G1UPknBH41cO6nQ0rqYFVCZabV5UoAMqn2bHWrTIii82R1i7bwPEPhCzo8_PNK9_gCLprvcsQzy3Nf4M24PY5Rv3kKmIeI81wz8KWuuOHPvttBN9VaKuSpWkaPr7QjH-SaBjLfnQ-3wITO-UZNoRqzcOksOFRHbpSph-Onb0gGMXVc1x_32oHo4zAlB463vsOprJU1QwBpVoHXmIiv5cWLiDebKgMB3sjisoe2xpK-p2sheuzxeENfIE5NfOwrU50ezapmQdA_h679IU79sQuAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GtzOtHmT0Jo2_C4Uz6ReAxpiyhg%26client%3Dca-pub-7197059328210377%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2CE1 2 KB
1 KB 140ms
50ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2CE1 308 B
637 B 133ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2CE1 293 B
621 B 138ms
52ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 2CE1 43 B
348 B 172ms
51ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nZVEPiAkGUou-_w-dg1ui_XWDF6100uvo5VIai00QLk2p2FVtG80p7Jmxo-lwBtb-8fgJ-hEeuRjbmfWTq-d1gB5uu5iiA4sPQsX5N84cxDxKHH4SSuQCk794-EYPmNbDEVVavsoAs6CkVORTdSwnsDjCcEmjlcHYNlkCKXnpapfhdXc3dSPeSILF0qSQ-0nhphfg9idXZ_3PYVhRP82j52SRVhrIolguMsgwnulZoIXdw6WK8JSkjG-KzHXeqLD1BqxbANXf-5Ds4K4Y30cUefeL7W7yrzL6yObr6rTPiOMtzS5U965Ah4PO5Fs8S_k3jOymbRC3aGZpEueprcwxo5gtMI3CRKo0pQcm05wcUf7ZG5dfXYTsGzqnET0vIHl4MsxD5Wst0mLTfB_43AtbfY1AXraTb8RQHY7WTwoAshwXcKuNL3ETM9Ru53TjVmhGpQCXIgxZrnnIa-dCpYvv7Io3Pc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1577960
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 2CE1 44 B
582 B 202ms
63ms Image
image/gif 2600:9000:2204:2e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1693331261
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO4vPQAHIJ4CO8-mAAgtrvjQsREi31QZOZvh1g&u=%7Cr%2FRrmP1EZXe3FrRSTRMYXWgpJSuLij1rwC6MXEgJY%2Bw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy91eSjxqsgku46uZqnm0IDQE0mgmeM1aUcn0pwl7nLc0l3qJR2nUlYyr-bGVJn68ZH4qPvylDNtTvS6SXp_FhZFSuZ5oqsipCrbxy1oriZ1VPhTwVz5g6YcsP1nAFkFBnydrBEGqClgy5uR5mOON6Ndb7FO955S-G9zZo6dSX6fOQcdJMNHHFacLRMU5GYCH9e3YKZDLBn9ChPRC93anarLAPds_2EU5Tip3tfkOB1fIHNQdTj22jZMbCuHcM_AIN_OpbmOdnY2STpP7LTk9wTkwmm2FY2ih_SuNzeBDeaUHPdJo8MI-faM3i70voJeoF3otqyGOPp8G7m_drnuLgpzm2gSIK2xMe8FNiImVDwNAFSMrIxsAu-sNzTSHU57uyyVi5azGKnKTlK4YiY3XbO2zqNdy6cInKdt1AFp4lRtzJVgY1y7-H-AHTOcmIBYggTV485PskN3hxf1AwHNEfr-g1P07SWrGQq5-2hyYZeD83zZ-ByO8hkUkEp-8uyzfZF74SbLF0l-sgi3t2yrjHd1VrXcSxzdDGdIQHQWhMz7LD5fldhvZ-CGILI9t3nAQbQnF5i8KxLo7x75LShn58K5XV-0h-Pno7eY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTNklPS_uZJ7BHKaf78EPrtug0ATJntKxXNWdkfdwwI23ARABIABglar1gZQHggEXY2EtcHViLTcxOTcwNTkzMjgyMTAzNzfIAQmpAiwI_WwzIbI-4AIAqAMByAMCqgSgAk_Q7L9iBCqtCBt8PMGAxKRP_i20HTqhABK2xyNkAeBWj6itvf_eBUDa28EHTvgIiVrvu6wxvkpC4a1VdK3VTU3PSe-HKQaKgnTBko1C7zCe4G1UPknBH41cO6nQ0rqYFVCZabV5UoAMqn2bHWrTIii82R1i7bwPEPhCzo8_PNK9_gCLprvcsQzy3Nf4M24PY5Rv3kKmIeI81wz8KWuuOHPvttBN9VaKuSpWkaPr7QjH-SaBjLfnQ-3wITO-UZNoRqzcOksOFRHbpSph-Onb0gGMXVc1x_32oHo4zAlB463vsOprJU1QwBpVoHXmIiv5cWLiDebKgMB3sjisoe2xpK-p2sheuzxeENfIE5NfOwrU50ezapmQdA_h679IU79sQuAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2GtzOtHmT0Jo2_C4Uz6ReAxpiyhg%26client%3Dca-pub-7197059328210377%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:2e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
via: 1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: NjZnXjSKNtGFd2kEEmh0SbRUhVRrGEdtg7K7kP72-l7E_Ex6WCaC_Q==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame 2CE1 57 KB
57 KB 171ms
86ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 20 Apr 2023 14:26:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"64414b86-e41c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2CE1 12 KB
5 KB 132ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 990912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LggtLm%2FYN6R9nqk0GA1mk1OnU8vcEzZ63CqQobbOInzkbOhq7SMXOUrRi%2BROjfgeNcqAPV9AuWn2RJgpqhCZqzO8oqYIWPpfV5LF%2FOBpQv0yj929VRXrks7zioIgWrl8SM6SLpHYR2zJy%2FKuCwPBpO4q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fe69ee54e4235df-FRA
expires: Sun, 18 Aug 2024 17:47:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2CE1 12 KB
6 KB 62ms
49ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 10 KB
10 KB 199ms
105ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230502%2F6c678b4c3aaa4eb8985bff7ee55cf9b8_stepstone_job_portal_negative_rgb.png&v=3&w=356&s=rippgjtBbOsS92-SfZ99jt5s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3290c092bb4df9f7429398cc191d51cc4a6d9e3c9d6c97ac497411628b60ddb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 10345
expires: Thu, 01 Aug 2024 22:06:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 12 KB
12 KB 178ms
84ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoMercedes-Benz-Tech-Innovation-200596DE-2204010837.gif%3Feb%3D1&v=3&w=400&s=_tIhSRdJUTKk7bOgPAJ-2zbS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26cd08f1566ba2cf280c41768cdb82113945a0676046c51ebb50f61efcef8dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591971
content-length: 12346
expires: Fri, 08 Sep 2023 23:20:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 2 KB
2 KB 138ms
45ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoBridgingIT-GmbH-61818DE-2302090926.gif%3Feb%3D1&v=3&w=400&s=zPmM6UdwHQxEVoELbMVk0jJs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ffa7d3bcfa1f8b335f688cf14b469ede7d8e1aed04c7785a68e0cb605536e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591962
content-length: 1785
expires: Tue, 05 Sep 2023 09:59:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 4 KB
4 KB 183ms
90ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoHans-Turck-GmbH-Co-KG-50240DE-2011161525.gif%3Feb%3D1&v=3&w=400&s=nMk6LVU9IATiiBZ3NlsfM9Bi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4c117a0c5d417cdde9267c0e6ed8edcf909af2db932521d5b7f846c248b2cc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591942
content-length: 4246
expires: Mon, 25 Sep 2023 17:24:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 1 KB
1 KB 138ms
45ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FI%2FlogoIHK-Gesellschaft-fur-Informationsverarbeitung-mbH-26057DE.gif%3Feb%3D1&v=3&w=400&s=r29VeUHcaZ7tA7jcUOe5SMv6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f4fcfe1bcc61d59a3006e503371c36944ce3fc09f5cdf6c3087dbe12e761f6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2591967
content-length: 1112
expires: Tue, 05 Sep 2023 09:53:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 2 KB
2 KB 180ms
87ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoGolding-Capital-Partners-GmbH-26360DE.gif%3Feb%3D1&v=3&w=400&s=0WFyGivKAM9aaAB5UmMe5eap&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bdfddead46b393ea069b647b652ad92733c67663cef87556f29c1a94d43779ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591964
content-length: 1797
expires: Wed, 30 Aug 2023 20:41:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 2 KB
3 KB 87ms
86ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoODDO-BHF-Aktiengesellschaft-117476DE-2201191141.gif%3Feb%3D1&v=3&w=400&s=1ebQy9Ac6FEovPYj3I1MnV1X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9f6828157eb41dc73f3a8855cf1614cafc308541c22a462936be8226641e446f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=3552
content-length: 2455
expires: Tue, 29 Aug 2023 18:22:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 1 KB
1 KB 101ms
100ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FP%2FlogoPacura-med-GmbH-206403DE.gif%3Feb%3D1&v=3&w=400&s=0MiQBgY0K9PSGBD9yYZPcHJU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bb5ea10cfe85e21bc261f35805a3bf0c4974fe1d22bf30c2dc65903a589d6e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 1102
expires: Tue, 05 Sep 2023 10:34:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 3 KB
3 KB 103ms
103ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoMLP-Finanzberatung-SE-4972DE-2210200809.gif%3Feb%3D1&v=3&w=400&s=4ePDe2waZWEhM8OC-D8vbhUD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b67ac69bbb72f3aef7a7c78738bc0dc2c5067031de210c36307276c618ca69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591956
content-length: 3288
expires: Tue, 05 Sep 2023 10:32:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 4 KB
4 KB 120ms
119ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBG-BAU-Berufsgenossenschaft-der-Bauwirtschaft-172774DE.gif%3Feb%3D1&v=3&w=400&s=vpaMW3v5WDzh1yhiajVKEQgN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e02a14711390c368ff74e39a04e3adee451cf0db4ccb6294755ba1fc391c9b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591941
content-length: 3721
expires: Tue, 05 Sep 2023 11:38:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 1 KB
2 KB 106ms
106ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE-2307031425.gif%3Feb%3D1&v=3&w=400&s=ws0bTDmqQEcYN_HWa9nOF9_Z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a41b061cab0b78987ef20ee2da139aa2c6ec28308a9a7463f0ce2a3033a81f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 1513
expires: Mon, 11 Sep 2023 05:58:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 2 KB
2 KB 117ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGWS_Gesellschaft_f%25C3%25BCr_Warenwirtschafts-Systeme_mbH___48487DE.gif%3Feb%3D1&v=3&w=400&s=J_inaQDKQgTqr6z2qHTuIvPe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6f8c50527419722ed3f104f107f99b7d4a9655813c39fbe53f28c6c48bd7437e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2591989
content-length: 1800
expires: Tue, 05 Sep 2023 09:53:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2CE1 1 KB
2 KB 117ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogothyssenkrupp-Steel-Europe-AG-219788DE.gif%3Feb%3D1&v=3&w=400&s=0JbBMQpPMb0G-o2U9EhoAE5B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d4351ab524fa657144030c85414bd6882dd1ead0a2122e5dd562dcc408566a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2591132
content-length: 1452
expires: Thu, 28 Sep 2023 14:52:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2CE1 0
128 B 146ms
48ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=r_rxXgNGjkx_anGHgD-QtdgOQEpiytQ1IlaMtpT0iCL5XpSTm_efQz7TTL5KaSvttupxBX4dHphE20g7gIWhIF5pPnSvLKtGBvQJ7nTj9hUmxYEGmY8ayftaejbHm_-ePFYeFjdFl6QTR3mP2DGLVr1qN-axmWfT0-iNJsKN9siNbJfbpD1GwLBUtt-pBvCoyCEfFVCAzuBVzCz-0Ss7cjvB9KIc7tPDbbMgZofsr_KG4UEvthnODg3HdKe9ayPXiUztvg&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 17:47:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2CE1 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2CE1 2 KB
1 KB 63ms
63ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 17:47:42 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 25C6 222 KB
61 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 19:22:21 GMT
age: 599121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 25C6 15 KB
5 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Aug 2023 10:00:11 GMT
age: 546451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Aug 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 25C6 94 KB
28 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 05:50:45 GMT
age: 43017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 25C6 5 KB
2 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 16:22:50 GMT
age: 5092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 25C6 40 KB
13 KB 63ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 10:05:13 GMT
age: 27749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 10:05:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 25C6 14 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 17:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 16:00:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 17:47:42 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25C6 2 KB
2 KB 41ms
38ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58813
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Aug 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25C6 295 B
323 B 42ms
40ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 8783
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Aug 2023 15:21:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 25C6 0
0 48ms
48ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhG6qcXYmvIRSMV5DeAKRXQevPY_m8DAP4KhWLtAOEOZKnREdYJAcvOEK3Xu4-l8cD_emNWBPzmd2Oq0vcQKAgm9P08g
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12654839080678238794/ Frame 25C6 39 KB
39 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12654839080678238794/14763004658117789537?w=600&h=314

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1239b219c7e652ef1edea752fd1f94ef9e89169f72171e2ab2978b49dc0c4162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 05:48:44 GMT
x-content-type-options: nosniff
age: 43138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39549
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:23:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Aug 2024 05:48:44 GMT

GET
DATA 200
OK truncated
/ Frame 25C6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 25C6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 25C6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e37f146a519f0b03209926f8464d8500033262ab867fe1005317d5399e6bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 25C6 33 KB
33 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://13.58.185.233
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 563594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 05:14:28 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 25C6 43 B
1 KB 210ms
52ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=stage-gaw&extLi=20326574315&cb=465234378&cbvp=2

Requested by

Host: 13.58.185.233
URL: https://13.58.185.233/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 29 Aug 2023 17:47:42 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 29 Aug 2023 05:47:42 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://13.58.185.233
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 990
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 25C6 0
0 89ms
88ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChnpBPi_uZKqgBo2O6wS5mpOICeas3MNyypX7vZIRrZjQzYAHEAEgjaH3H2CVqvWBlAegAZD95sYDyAEJqQL2hjxfsh-yPuACAKgDAcgDCqoEogJP0Eij-zx2xL2rulIIjjZX-3aQn_oxL9iCJl3OApjshHG7NVRzvQUPW42jNUPwMk-Qwy2P-tdhW5bWeoak6gS_raB7Vl0R50-slthXivZgOJsRTzlkp-nTb9D90lSRHWd2EToauK-X9x9rEZZD3F5C3EM7HM6j9ee5-OAQLTgg7Zs2lL_TeL4BmL2EHSsG-wBlnORK-i-FzwaecvdN4IjigP3VKsK11zeQnDTKFHr8nUZbW_Nb6iS3XgMpJPPYnn4lP-Iw4G-JrTZ8CdpAkes6UKW9wpXS0OBFCw_eMW7miG2TTIXOjhHHtw-HF6MeANVTnD2B8Pflp1f4KwJiRuKvJNN3mJRtUssMEz1PjFmphgEJLjBpkrQua11mG-1x5SBMccAEjILi-LEE4AQBiAXr0bvcS5IFBAgEGAGSBQQIBRgEoAYugAfa1uBGqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQucEW0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJSmh0dHBzOi8vd3d3LnN0YWdlLWVudGVydGFpbm1lbnQuZGUvbXVzaWNhbHMtc2hvd3MvZGlzbmV5cy10YXJ6YW4tc3R1dHRnYXJ0gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTkxMDQ0NTUyNTEyMTc4NjAYq_IK&sigh=PyUnWaBe0MQ&uach_m=[]&ase=2&cid=CAQSPABpAlJWqdnS5XmOzAd3IH4WpEOUJMeNpP1xP1LDoHpnpCG-dX9x5tStAg0Z9MTfAGHMIxKoVU4X8PhalBgB&template_id=5000&cbvp=2
Requested by: Host: 13.58.185.233
URL: https://13.58.185.233/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E731 42 B
64 B 145ms
144ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWZjG3oF8zsZ2Z1WwLg0hheFepUDvhnvMbQaIvMAGMtoP49spRQfRUAN1SggsEuN0Wi7BbT_mpIAWE7wekN7ItZgnbvYf1smZsh-SNEk1hsjt5v_rZceMapp2PAClJVMnOLbHL4TDDhgiK&sai=AMfl-YQivjEef1Xph5PlcaTQGNFVJq_m3WkNYWeAEe4-5Ac1wW18KqgYYaN6qJxlkpK66Bd_ZNPAa0cLAn5RSnXatXDAmBOmpWvGxE-rk_ADVfFaWp0mB3ULfQ0uqE6p&sig=Cg0ArKJSzAEZX3REadAwEAE&cid=CAQSPABpAlJWLpbYv_5iZuyDM7lLTMQqhERier53sqsIkWZgoquikPdIQMUUIaH68y_USj6poIwXAE1VaMLLxxgB&id=ampim&o=1148,546&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=351&tls=1351&g=100&h=100&tt=1351&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 217ms
89ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=159328
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159328/2813/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://13.58.185.233/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://13.58.185.233
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame DAD1 0
261 B 161ms
47ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159328&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 25C6 42 B
64 B 148ms
147ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssPrtAbzeiFKxBc5kfZl8VZs8xxNAptvvrFhxrav3PemIV86qbYVMdQ5hpVN9v1UhdkR4KDxRSVFV5q3V3J8BZanJL5LvQj5xV27ri9R7CW9N6a_imqxkuVpaqrT-KxGBKADysY3AA4SHHD35aWnwoBGwfOW5pr5g4vAZNBQo&sai=AMfl-YRp4J1X9ONl8xSJkjur-RL4ZOWfPoiHT2_3Dlb4Nior0DaDgzIVLNt5f6EIUV8g2x5hiTgMO3fuHIwUS1908aF3RVvdLy2QTmYzMloA-KO3ShPjOQ0LebDwwWFk&sig=Cg0ArKJSzNyfo3FntH6UEAE&cid=CAQSPABpAlJWqdnS5XmOzAd3IH4WpEOUJMeNpP1xP1LDoHpnpCG-dX9x5tStAg0Z9MTfAGHMIxKoVU4X8PhalBgB&id=ampim&o=315,21&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=109&tls=1110&g=100&h=100&tt=1110&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13.58.185.233/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DAD1 2 KB
3 KB 42ms
42ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66978390&p=159328&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8c7cfc5a1d747d86a50f28ec514fc23ff0143a89d9c5b40931663c7f2c6fe9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 17:47:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 73C0 35 B
600 B 41ms
40ms Document
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 29 Aug 2023 17:47:47 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7739
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8336458625835832832&gdpr=0&gdpr_consent=

42 B
219 B

42ms
41ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8336458625835832832&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 53b8bd84-685a-4eb0-a3c6-6477962336e7
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 17:47:44 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8336458625835832832&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4849
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272802391587027090&gdpr=0&gdpr_consent=

42 B
299 B

42ms
42ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272802391587027090&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Tue, 29 Aug 2023 17:47:44 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7272802391587027090&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2D7C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=

42 B
300 B

42ms
42ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Tue, 29 Aug 2023 17:47:44 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=82NyhbR3XSNH7Pjg59tfMFD_B2w&gdpr=0&gdpr_consent=

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame E8DB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

134ms
132ms

Document
image/png

151.101.2.49

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO4vQAAMR3P-eQAN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Tue, 29 Aug 2023 17:47:44 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220066-FRA
x-timer: S1693331264.448739,VS0,VE90

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Tue, 29 Aug 2023 17:47:44 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO4vQAAMR3P-eQAN
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220066-FRA
x-timer: S1693331264.313278,VS0,VE89

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4777
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU49ee4dc743564db7bad7cbdb85b8968c

42 B
325 B

48ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU49ee4dc743564db7bad7cbdb85b8968c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 29 Aug 2023 17:47:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 17:47:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU49ee4dc743564db7bad7cbdb85b8968c
pragma: no-cache
server: Tengine

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 428F
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

45ms
45ms

Document
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 17:47:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Tue, 29 Aug 2023 17:47:44 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DAD1 95 B
439 B 158ms
58ms Image
image/png 2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=ED4F2DB8-E190-4B07-A092-3D44CB84056F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7fe69ef1deac2bbb-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame DAD1
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ED4F2DB8-E190-4B07-A092-3D44CB84056F&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ED4F2DB8-E190-4B07-A092-3D44CB84056F&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

50ms
50ms

Image
image/gif

77.243.51.121

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ED4F2DB8-E190-4B07-A092-3D44CB84056F&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.51.121 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:51 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:51 GMT
frontend-id: 1
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=ED4F2DB8-E190-4B07-A092-3D44CB84056F&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET

mw
mwzeom.zeotap.com/ Frame DAD1
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=3b4a916354a985ee/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b3e580848251d81a92d0da70a9a601da&gdpr=1
https://spl.zeotap.com/?zdid=1332&zcluid=3b4a916354a985ee
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85c1bcc0-5bd6-40e1-43ef-ab5856edb7a2&reqId=cbd987c0-03fc-4319-7db2-aec074845a81&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEAZuQhCL-tlKTFvluQPORYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85c1bcc0-5bd6-40e1-43ef-ab5856edb7a2&reqId=cbd987c0-03fc-4319-7db2-aec...

0
0

GET
H2

200

sync
x.bidswitch.net/ Frame DAD1
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=5984af5c-b340-44c8-8361-c04a79b75652&ssp=pubmatic

43 B
145 B

46ms
45ms

Image
image/gif

18.192.109.4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=59&user_id=5984af5c-b340-44c8-8361-c04a79b75652&ssp=pubmatic
Protocol: H2
Server: 18.192.109.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:47:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: //x.bidswitch.net/sync?dsp_id=59&user_id=5984af5c-b340-44c8-8361-c04a79b75652&ssp=pubmatic
Date: Tue, 29 Aug 2023 17:47:44 GMT
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
Content-Length: 121
Content-Type: text/html; charset=utf-8

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame DAD1 0
103 B 69ms
41ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 17:47:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DAD1
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9131303406352279264&gdpr=0&gdpr_consent=&us_privacy=

1 B
275 B

42ms
42ms

Image
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9131303406352279264&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 17:47:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9131303406352279264&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 29 Aug 2023 17:47:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame DAD1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mwzeom.zeotap.com
URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEAZuQhCL-tlKTFvluQPORYk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=85c1bcc0-5bd6-40e1-43ef-ab5856edb7a2&reqId=cbd987c0-03fc-4319-7db2-aec074845a81&zcluid=3b4a916354a985ee&zdid=1332

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.izooto.com/	1970-01-20 23:58:11	Name: IZCID Value: 18c9267b-9c63-414c-a1ef-f091f7f08ec8
13.58.185.233/	1970-01-20 15:05:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
13.58.185.233/	1970-01-20 23:58:11	Name: _ga_7JXMSXGPKW Value: GS1.1.1693331259.1.0.1693331259.0.0.0
13.58.185.233/	1970-01-20 23:58:11	Name: _ga Value: GA1.1.356359995.1693331259
13.58.185.233/	1970-01-20 23:58:11	Name: _ga_H2BD8F4GE7 Value: GS1.1.1693331259.1.0.1693331259.0.0.0
13.58.185.233/	1970-01-20 23:58:11	Name: _ga_EQ2TJQVS4G Value: GS1.1.1693331259.1.0.1693331259.0.0.0
13.58.185.233/	1969-12-31 23:59:59	Name: pbjs_debug Value: 0
13.58.185.233/	1970-01-20 23:07:47	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D91b5ad32-e399-4066-b1ef-352b4e18f220-tuctbe7b4bb
.doubleclick.net/	1970-01-20 18:41:23	Name: APC Value: AfxxVi6uhyS1BfVxnbFOREEIEXwQjViqnfq1f_WYTn3m39d09rA_QA
.adnxs.com/	1970-01-20 16:31:47	Name: icu Value: ChkI2ZqKARAKGAEgASgBMLveuKcGOAFAAUgBELveuKcGGAA.
.adnxs.com/	1970-01-20 16:31:47	Name: uuid2 Value: 8336458625835832832
13.58.185.233/	1970-01-20 15:48:35	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-29T17%3A47%3A40%22%7D
.pubmatic.com/	1970-01-20 23:07:47	Name: KADUSERCOOKIE Value: ED4F2DB8-E190-4B07-A092-3D44CB84056F
.pubmatic.com/	1970-01-20 16:31:47	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 14:23:37	Name: pi Value: 159328:2
.pubmatic.com/	1970-01-20 16:31:47	Name: DPSync3 Value: 1694476800%3A201_245_241_235
.pubmatic.com/	1970-01-20 16:31:47	Name: SyncRTB3 Value: 1693872000%3A223%7C1694476800%3A220_56_8_71_21_13_54_251%7C1694563200%3A35
.casalemedia.com/	1970-01-20 23:07:47	Name: CMID Value: ZO4vPSPiSc1qKW.Sc32wgAAA
.casalemedia.com/	1970-01-20 16:31:47	Name: CMPS Value: 5296
.casalemedia.com/	1970-01-20 16:31:47	Name: CMPRO Value: 5296
.adform.net/	1970-01-20 15:06:49	Name: C Value: 1
.quantserve.com/	1970-01-20 23:52:25	Name: mc Value: 64ee2f3d-46734-d900a-0af44
.weborama.fr/	1970-01-20 23:48:06	Name: AFFICHE_W Value: ng@LfGqEP3ae39
.simpli.fi/	1970-01-20 23:09:13	Name: suid Value: DCCF000672F241F0A1D126622D10BEB6
.adform.net/	1970-01-20 15:48:35	Name: uid Value: 1460623923873259275
.pubmatic.com/	1970-01-20 16:31:47	Name: KRTBCOOKIE_153 Value: 1923-TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs&KRTB&19420-TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs&KRTB&22979-TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs&KRTB&23403-TBcc8UhFSvBXF0-jSRdU8EMTSfVXExjyThfohcxs
.pubmatic.com/	1970-01-20 16:31:47	Name: KRTBCOOKIE_80 Value: 22987-CAESEHCs-X7A7P0dh7hWXvIxTpg&KRTB&23025-CAESEHCs-X7A7P0dh7hWXvIxTpg&KRTB&23386-CAESEHCs-X7A7P0dh7hWXvIxTpg
.pubmatic.com/	1970-01-20 15:05:23	Name: KRTBCOOKIE_391 Value: 22924-1460623923873259275&KRTB&23263-1460623923873259275&KRTB&23481-1460623923873259275
.pubmatic.com/	1970-01-20 15:05:23	Name: PugT Value: 1693331260
.amazon-adsystem.com/	1970-01-20 23:58:11	Name: ad-privacy Value: 0
.turn.com/	1970-01-20 18:41:23	Name: uid Value: 9131303406352279264
.doubleclick.net/	1970-01-20 14:22:14	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 16:31:47	Name: d Value: EJgBDgHpKYEO-TA
.mathtag.com/	1970-01-20 15:05:23	Name: mt_mop Value: 4:1693331261
.amazon-adsystem.com/	1970-01-20 19:33:13	Name: ad-id Value: A6QFsyMt-UJdv-3hESTagvA
.yahoo.com/	1970-01-20 23:08:08	Name: A3 Value: d=AQABBD0v7mQCEMggZ06xrmFAqXSNVLlTZ1kFEgEBAQGA72T4ZAAAAAAA_eMAAA&S=AQAAAjBKQ1Hn3baPmD2zRE2WKT0
.adfarm1.adition.com/	1970-01-20 16:31:47	Name: UserID1 Value: 7272802391587027090
.1rx.io/	1970-01-20 23:07:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8ee2a696-ec74-411a-a479-0d9161cd442e-003%22%7D
.audrte.com/	1970-01-20 14:43:47	Name: arcki2 Value: eb1Smkx-xLMRBikuF1nsmnwOQ!20220908!1693331261788!ip#80.255.7.108
.audrte.com/	1970-01-20 14:43:47	Name: arcki2_pubmatic Value: ED4F2DB8-E190-4B07-A092-3D44CB84056F!20220908!1693331261792
.targeting.unrulymedia.com/	1970-01-20 23:07:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-8ee2a696-ec74-411a-a479-0d9161cd442e-003%22%7D
.audrte.com/	1970-01-20 14:43:47	Name: arcki2_ddp2 Value: eb1Smkx-xLMRBikuF1nsmnwOQ!20220908!1693331262279
.doubleclick.net/	1970-01-20 23:43:47	Name: IDE Value: AHWqTUkz06uRZTqEdJkofRTZ_4xxZm7b6y0mqv30XKuKDXBk4-YmR9WcO-7gATQ04dI
.googleadservices.com/	1970-01-20 16:31:47	Name: ar_debug Value: 1
.audrte.com/	1970-01-20 14:43:47	Name: arcki2_adform Value: 1460623923873259275!20220908!1693331262500
m.exactag.com/	1970-01-20 16:31:47	Name: exactag_new_gk Value: 55ed582906044f29b76efb3af704d0e0%7C28.10.2023%2017%3A47%3A42
m.exactag.com/	1970-01-20 18:41:23	Name: exactag_new_uk Value: d20c9308c1094a3b9fe53102cf898533%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 6a7860c3724246159bb8dccb
.pubmatic.com/	1970-01-20 15:05:23	Name: SPugT Value: 1693331263

201 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/logo.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/logo.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/humburger.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/searchicon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 83) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/logo.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 84) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
other	warning	URL: https://13.58.185.233/(Line 87) Message: <link rel=preload> must have a valid `as` value
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/quote_left.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/quote_right.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/try-this-today-img.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/google-playstore.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/apple-store.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/instagram-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/googlenews-icon.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/ Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/anandabazar-logo.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 410) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/logo.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 418) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/humburger.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 419) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/searchicon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 529) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 533) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/quote_left.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 534) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/quote_right.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 545) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 551) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 565) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 604) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 612) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 643) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 651) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 659) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 667) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 680) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 698) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 708) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 718) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 728) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 738) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 748) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 792) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 803) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 816) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 816) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 827) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/splaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 836) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/try-this-today-img.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 904) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 911) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 928) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 945) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 962) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 985) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 990) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 999) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1007) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1015) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1023) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1046) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1053) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1060) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1072) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1077) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1086) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1094) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1102) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1110) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1123) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1128) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1137) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1145) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1153) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1161) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1176) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1187) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1198) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1209) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1225) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1230) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1239) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1247) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1255) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1263) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1276) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1288) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1296) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1304) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1312) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1322) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1322) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1330) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1338) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1346) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1374) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1379) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1390) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1401) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1412) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1423) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1442) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/bplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1443) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1448) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1449) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1460) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1461) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1471) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1472) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1482) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1483) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1493) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/mplaceholderimg.jpg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1494) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/photo-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1639) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/google-playstore.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1642) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/apple-store.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1657) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/instagram-icon.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1660) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/googlenews-icon.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://13.58.185.233/(Line 1666) Message: Mixed Content: The page at 'https://13.58.185.233/' was loaded over HTTPS, but requested an insecure element 'https://13.58.185.233/revamp-assets/desktop/images/anandabazar-logo.svg'. This request was not upgraded to HTTPS because its URL's host is an IP address.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=ED4F2DB8-E190-4B07-A092-3D44CB84056F&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12ca94e3a2eacc320f7d972511633499.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
abp-d.openx.net
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
am-trc-events.taboola.com
assets.telegraphindia.com
c1.adform.net
casale-match.dotomi.com
cat.fr3.eu.criteo.com
cdn.ampproject.org
cdn.indexww.com
cdn.izooto.com
cdn.taboola.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
csm.eu.criteo.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
js-sec.indexww.com
m.exactag.com
match.adsby.bidtheatre.com
match.adsrvr.org
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.pubmatic.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
match.adsby.bidtheatre.com
mwzeom.zeotap.com
104.18.38.76
104.18.39.155
104.75.89.75
13.58.185.233
141.226.224.32
141.226.228.48
142.250.181.230
142.250.184.194
142.250.186.34
151.101.1.108
151.101.193.44
151.101.2.49
162.19.138.118
172.64.148.101
178.250.7.11
178.250.7.9
18.192.109.4
185.29.134.244
185.64.189.112
185.64.189.226
185.64.190.81
185.64.191.210
185.80.39.216
198.47.127.19
198.47.127.205
2001:4860:4802:32::36
213.202.235.10
23.35.236.201
2600:9000:2204:2e00:1e:a43d:b640:93a1
2606:4700:10::ac43:db6
2606:4700:20::ac43:4a81
2606:4700::6811:180e
2606:4700::6812:d841
2607:fc48:bc4b::bc:238
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::4
2a02:2638:d::d
2a02:26f0:e300:184::5cb
2a02:fa8:8806:12::1370
2a04:4e42::300
2a05:d018:d29:3605:999f:1d55:f8df:b156
3.75.62.37
34.111.129.221
34.111.131.239
34.91.62.186
35.214.193.250
35.227.252.103
35.244.159.8
35.71.131.137
37.157.6.254
37.252.171.149
46.228.164.11
46.228.174.117
51.89.9.254
52.31.175.73
52.46.143.56
52.50.102.52
52.51.131.236
54.158.55.205
54.198.150.240
67.220.226.234
69.173.144.165
77.243.51.121
82.145.213.8
85.114.159.93
019144440451ccd45e624cd2d0895c0b1d2adbb4b3a0e276a381f420efda0f11
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09c092ba937f911c360fceed25b9476a83d6aad994daec631805b7a64e5bf6b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0deac92a8d1574d1ee5b1f22c8d5895e373d501063cdbe179cf51bfa982b3a2e
10e9c0a651b1fb3dd5d6e680b997a0719adadb544993ffe0b4a89b40f3c85a2f
116c470561f08bc0c384f9306f59865db7fe8c0c2efc7b2435ecbb4417130fd0
1239b219c7e652ef1edea752fd1f94ef9e89169f72171e2ab2978b49dc0c4162
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
17e8854a33bce82e882bf452a0fdc3fe3ce85f0ebaccfd0d7c2eddc89c4fdca6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
26cd08f1566ba2cf280c41768cdb82113945a0676046c51ebb50f61efcef8dd6
276a5c2977333872c18fb90f550a9749dcdedc2603207febef1b25e9ee2eb57f
288af7de15bb3a0231c414b28a3c9af8ba69536a6a119579ffe44e7247154e7d
2923753f13ba547e56a41908f40e23d3ea72e120456fa0b946a4d06045815cc0
294e4acf3fbeb2b139ffa3651d13be5457777d657e8bc5828b7ae85b02a9da1c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c8bcc4ee2fb0ca48e2ce36a2af9d102289fb80ae4a95fb0f2c0db17872b940e
2e37f146a519f0b03209926f8464d8500033262ab867fe1005317d5399e6bc4d
2ec49e61f31facac14982ff16144b9640d806920da85e60bbe7334f31f84c5d1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3290c092bb4df9f7429398cc191d51cc4a6d9e3c9d6c97ac497411628b60ddb3
339b91dfbc4cfcd13c9145b29a356385bee7441fe1a2080034b843e72f0be1c9
3502c78a4597d23cb0ed5791bf817022040fef1e3a76031e191db400b7a1c383
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7ddc877d6ae026147cd66e9018ce6cd6c40d8e9b6a20a7faefc99808e9e1db
3e666ee924aa97d4101c3794d81ee0938a1d02b1618b4bf6f0a21946e214861b
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
414b5824add908e2e550fdd81686e483eeecd303bb681a292431d5a90e1ee22b
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42b67ac69bbb72f3aef7a7c78738bc0dc2c5067031de210c36307276c618ca69
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0
4a48b50c4347ea57e67c362ce73337ab69f7fb797dd7ec05522678c2612a3bae
4c117a0c5d417cdde9267c0e6ed8edcf909af2db932521d5b7f846c248b2cc31
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549b0d45dfe1adef0f4412220c9e7b22ea9aff17db7545eb0534182a8f8d3ed0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5798c3980e0e366fda8a223028c5742402307bc9f3eb71825d59adc1f60d7783
5cae1544da5f4d1a1e9e29b468435ceebb02ddaeb1ffcc4398efd8effd9ef546
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6401f7470ab74bbf1b377d8d7894b9cf6f83f61ba01f7da0120efeca0409f3a2
64244c32f8d71cf09d9d1afbe554a797f43f2f8f23b9b14a89ee0a3c385d3335
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
687cd93109d3980f43366ec194f81eec364bc805cd641b2891cb44971e8016d0
69b4a89c8fcdc552a5cb8bfb127b902718c26fc97661ef784b9af8019b4a8b1f
69eb9b5be406d57a9040f797f2f852dfc3852e5924c921ba526622fad8bb47cb
6d7db93f7b1062491dda9d22c87075309401e6f2092f4724839b7d4fb16f3d82
6f8c50527419722ed3f104f107f99b7d4a9655813c39fbe53f28c6c48bd7437e
710458237fad62b45edf162dc5061095b2e342b820f1b84accbab320a16f3172
713c72b581183ad1698526b6d1987152e0c55e4fa78a26df95f6311c7cd889cb
71591d19d9cdb16604be484ddf38e137010313144775c07777c32e3696960303
71d1234b8d73c57d79bead74248c258ecd987fd199e53c77576d53bc1ad4ca94
723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8068a8be48a405cb9a0eabd96cc4cc678be6e74e6391949ca6c8971ddb94bc8a
81f8dc20470e4285244e553a7042ae687d4f50ec039786dce0c0efc33881bd8c
82b0364e8faf9bace6b5f1dd57153a63a4cc76a32749be3dbd8a6c382e22ac26
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87810cdecaa1016b8f7418b1314554bb5e314c033a152b2dd4b6ba38e8746c97
87c12e1a777a07591b750444850b75d1e7214d23338f1ed803013ad7f0ee203d
87e60ff5d9a772ec5e68097463e3f5f065d412a6084bb8d975b4e71405cc3e01
8c7cfc5a1d747d86a50f28ec514fc23ff0143a89d9c5b40931663c7f2c6fe9e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fb00570dcad4f5541b3ed036f7f31e836680bf5c85e47930332f62fdc53a6d0
917d0b2d9510610f918e68cee78a8dd6abf6b8f7ff7051bd498ef35b1a894755
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94f7aad1e29cb9024ba8b15ad79e31d34bacee9515f69a81c97fe57b0f78aebf
99031bcff3354584083ebc3335e657b6afce4ea4141832f2a78e8da4f53b45cd
995c4d542d07486f90ef525121d7e8f4f59e9fc8628f1ad1816769ebedc34518
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a59a23cbff5b7e18b71763bcd84719431bb7344ce9a179d70012ace56b7cfb8
9a75dda19fe6d1d858aed1b322bdeded6e5b6deb60d407aaa17b04aa4df6fdcf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dd08bb6a00b0701b4c76dc8b808be2e9a1fe0880271b5bccb2fd70bb37d83ca
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9f6828157eb41dc73f3a8855cf1614cafc308541c22a462936be8226641e446f
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
9ffa7d3bcfa1f8b335f688cf14b469ede7d8e1aed04c7785a68e0cb605536e91
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a41b061cab0b78987ef20ee2da139aa2c6ec28308a9a7463f0ce2a3033a81f04
a479f6b23dfb9aaa86e43478b283c6a3bf59fd0bee992ec81fef478eb66031e1
a5fe659fd2e6177d11f89d30d49be9ef174b9d2dbdc436a5275e04a2dcac0a8c
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b457c268b77dd74cee814e1a0bcecca9f79f81bc3dc1d654e173ec2f51cb2130
b5d631be85df8d26d113ef156e02a9692836eb51e275fde17200ed3b99fda530
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b71fd460b6ae925dffa2ed87e9a531b1cff3ee728bc55821d46bad3d5aa8747d
b8be7b6e4a821c7105759b20bb5f6db82973794fba55e797b9308d7a9ef3dc1f
bb5ea10cfe85e21bc261f35805a3bf0c4974fe1d22bf30c2dc65903a589d6e81
bdfddead46b393ea069b647b652ad92733c67663cef87556f29c1a94d43779ef
becd5219a8ae94ca080208fc977789ac0496926f467fb317512c840cf1a6c1a9
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c5de2954beb94adfb9e6c570cb9166dec0ddecc7c22504de15974d9006a5e53b
c6b5e326f69ecc08128d648a0f24ed96b569ce48ba397630be3c3a8f5650c9ad
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ce442541f7b949c22e1a99ca413d8ca7d1217d2d6e748daa0500e7a6a445859a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06cdb19a6e9b02f560be6ba16e23f091a053742a594342e955f1f1a27667ae5
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d4351ab524fa657144030c85414bd6882dd1ead0a2122e5dd562dcc408566a6d
d7049e99a1410dbba6b6358e8aa13b84faf686bc74bd751eee9e40d1818ecb57
d77331b1bf5469f1dae8853c659d1be2b00063265816f40815ecdf6900e50ec9
d8f682206da87a3eed179362b0787e6f1074c91c70cb6e478d70bb8c18c21087
db60cd2e74c553d9869d22a4166722e878e5d1613b3f92583d87cd0ef5fa6d8d
db64512b9a9cb555d36bac8adca643884bf6e948a8d9fac367f605ba6de5088b
debed31301bfe3b9044bf25b1d70719220945961fb28c599cc4a864e8fece840
e02a14711390c368ff74e39a04e3adee451cf0db4ccb6294755ba1fc391c9b27
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee66cd3cbb94063a225ab4794ad2779f4d78a8a85cd97bb90ccd5ee48287c3ea
eed227275e082f00b5481ea99d234a15a52a3c09a713b0a956204b9057f91de3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22df4425028e0bc0be31f6f5602e4ec54b910c6847c712ef039d2b606ce4709
f2f6f29d4df27f1c441a131ea019b5faf63ac07b218bd99c4816199ff73c3dcc
f4fcfe1bcc61d59a3006e503371c36944ce3fc09f5cdf6c3087dbe12e761f6fb
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8fb6856164fc4c2245ae6aa660b3082617b9f29b62d700ea63c104bca81fbfe
f93ad4173293f72f876f363bf0628f83afad195ae1275d54a291a802b4d99416
ff18af51189cd02dd812767f52822068b208af638872e730db31726e63642e34

13.58.185.233 Open in urlscan Pro 13.58.185.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

240 Requests

78 %HTTPS

39 %IPv6

53 Domains

94 Subdomains

73 IPs

11 Countries

2547 kBTransfer

7082 kBSize

49 Cookies

13 Outgoing links

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

13.58.185.233 Open in urlscan Pro
13.58.185.233 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

78 %
HTTPS

39 %
IPv6

53
Domains

94
Subdomains

73
IPs

11
Countries

2547 kB
Transfer

7082 kB
Size

49
Cookies

240 HTTP transactions
6 data transactions