storiesdown.com Open in urlscan Pro
2606:4700:20::681a:90e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://storiesdown.com/
Effective URL:
https://storiesdown.com/
Submission: On September 13 via manual (September 13th 2022, 5:30:33 pm UTC) from IN — Scanned from DE

Summary HTTP 135 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 23 domains to perform 135 HTTP transactions. The main IP is 2606:4700:20::681a:90e, located in United States and belongs to CLOUDFLARENET, US. The main domain is storiesdown.com. The Cisco Umbrella rank of the primary domain is 498430.
TLS certificate: Issued by E1 on August 14th 2022. Valid for: 3 months.

This is the only time storiesdown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	2606:4700:20:... 2606:4700:20::681a:90e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
6 12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
135	28

26 2606:4700:20::681a:90e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

storiesdown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	477 KB
26	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	126 KB
26	storiesdown.com 1 redirects storiesdown.com — Cisco Umbrella Rank: 498430	337 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	316 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709	7 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	5 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	1 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	61 KB
4	imgur.com i.imgur.com — Cisco Umbrella Rank: 4706	69 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	132 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5202	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 891	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	blau.de portal.blau.de — Cisco Umbrella Rank: 87757	634 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 494	457 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2282	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1463	356 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 885	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1531	463 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	649 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	45 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	16 KB
135	23

	Domain	Requested by
26	pagead2.googlesyndication.com	storiesdown.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
26	storiesdown.com	1 redirects storiesdown.com
18	tpc.googlesyndication.com	storiesdown.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
12	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
10	s0.2mdn.net	googleads.g.doubleclick.net storiesdown.com s0.2mdn.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com storiesdown.com googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	storiesdown.com
4	i.imgur.com	storiesdown.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	storiesdown.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	storiesdown.com www.google-analytics.com
1	portal.blau.de
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	storiesdown.com
1	cdnjs.cloudflare.com	storiesdown.com
135	30

This site contains no links.

Subject Issuer	Validity	Valid
*.storiesdown.com E1	`2022-08-14` - `2022-11-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://storiesdown.com/
Frame ID: 5690A6D8D01F30985879EE661795A062
Requests: 47 HTTP requests in this frame

Frame: https://storiesdown.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663084800
Frame ID: 151A61B0551224FA23331FA0F19F1841
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html
Frame ID: 9CA52F0A09672902875ADF02F8C175B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&adk=1812271804&adf=3025194257&lmt=1663090227&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fstoriesdown.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090227322&bpp=10&bdt=598&idt=358&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8171747347928&frm=20&pv=2&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: 5CF7DF4F27BC5C3428A7CB12223BCD7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=280&slotname=8602148905&adk=1861670446&adf=4155832853&pi=t.ma~as.8602148905&w=1094&fwrn=4&fwrnh=100&lmt=1663090227&rafmt=1&psa=0&format=1094x280&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090227332&bpp=3&bdt=607&idt=387&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=253&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0Bv4qyDWNk&p=https%3A//storiesdown.com&dtd=393
Frame ID: 0DBBEE115E06679071C804557876D744
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
Frame ID: 269CDCC937495FB508D38EEF5CF9ABB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1
Frame ID: F5B58E089D64B7786A27E64F1782A1A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYlPXW0QEwAQ&v=APEucNVzzS4q_G9nPJ3OFlss5hZbwW6fCti83JWONmMqE1ryTqNlUVsCi5KStSkYO4KhFz54ViCVbLIqwccaNEouCTaIrqlAmnhbNTsCyAcI4D_Jb5uEpT1QOFfZc8vP7bVW3gV0kKTmEz32VhIpZs7Ghc7DmRN50t7nAqbY9tPk6-7fN-BistQ
Frame ID: C0528892AF356914084B5C4AC5E38CE2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js
Frame ID: 81A5E8C8636B18A0513D1859028733D0
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA6B336AD723FDD60FFDE7B79B49F53C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 0DAEFD05AEE29514B2DA5DE2ADF3DB50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARig5qXQATAB&v=APEucNV94mi-uq03I2XHCvDFZWcqzsqdFfmowaqHl-xT_5pOY95W0OliHEqbkzOO7rhs9dzAKk3cEQkdiTiHpU05VBMBzh3WcMnZLyQEwiWnfYE-DjpCBX4Mzf0Lxfezws_U_4ccb8Snz7elRV0g8sDXJxrt-z5xHMxAMtyAgjxQ7zqJkiny0Ss
Frame ID: 8800551FCE8A14A1E57A78208CEB5A71
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaMev61KyGzaDFpqtmZC5q7OW9w-xMDoz4tbJ9UhLjikQHF7eC94L0QVZKbteT5GYqHRmagqfRc0ejrUI-meWL-VGvoHGzmXv7vt7bsZ113hGgQZw58ZZMvjOIMElIb1EjPrLlZ7DbRRBiV_25gA1FfbHKNg&dbm_d=AKAmf-CL9uvO0xrRAWaAfl8JrCmX28bzmBu9EgvcwT86yjI255ioA48TJpjyC0BIWkFa2gem3l81cbGNKF-eYJsMxlbSu3Rgh4qWtIYnl0VaoTPqd7v6r-PfPUL31Yl3-zRfVVWgZ_Tlu4JrYMMX6983Pwj7dZj0oabTbCvOk2ES1k7IFsaiihTS-H8va39xwKADF8Slm7o6w0RNanwoY872lNfsGNCju8IFfUafdhZH8qg1RteEdI3mO4bEZxVAIjEJNW8-jEdPP11Ar2SlQ5CvNIQMGpkXe70H31jrGyOj6Ju4avVwEY9669evn3FQJStG2lJ5n71HNbs0bWIDfnnTvpSp7O9-_VXDPju1RIFGPHRaCKXGbzmcXVFN5fxVbjVnrwTG3iwnL3gvcBaokDZJsUIidXSBX045uQ0Qr1YNRYPK8ft-lYcUH6VrI8mHgRnnuD19hR31-EB3XFPtRtN5M_rsNAIKhdG0kqBkBz9u6u060pLjXtNbcAKo_vsvRMaLZqLs_Dry_-WLRH476IU6U6SeIMHQ9hPXrl3CQ4urfDUjPA24nw2zPQmG2FZjxvZ9GYdFGfvROY_88lebgwC2EHgvlTW-r6gdems7rUW71xa7CYF2b3t-_oRoQFt_PKKa3aWdlkAahL5tpdukYtMRUfWJQK11J3RC-0uhJczlkRBxDeu0021kaWovBnAExiwWZmXuhdmi7AmxOvJXkL9AFYlG-8JPsW8i5uHHm2Gnp75Rk6Sm6BygN3KwBZhwulPt6ruuNlJ-2IPhZJQyMYxueu8nZeVYrm23UzbB-6mpbykhStb8Nz6V5ZWjBWmBFWSCmZ3IMvvq4fHGW8gnfvhbi2tmRe3Y3rQWidA6EKO8uG84Chxo5jqMjuIilfgcN9fBvD6fF_v5hoQIaSW7Ybv6yuN3P-TqoGLyb6CW3kpfUf2pF70plsH_GFOQb-ChNAPnaCzOHy0gVGNDIhiywg7LajaIHvXipkb39lyQxZZlIq2_FTtSXe8UrRdRiwtR6uwj6k2n7LQu3M84pp3D2cRjtigPZJ2JyBKh2NOoBnEk7F9u99dIyusZ_5S3L6IX6vGevlDMd67Tp1lPbxEq5Xj6iOQgimDEuRzIaVV1JjGgwlgbkwQgIMTe67l-ie4Igq30Zp5n4tyiRsClxo9FEI5hFdx9GXr8Dm7nXE-ixjX_agooVGYb8bYv5HwHASDDwWG3VQZrplsjHCbbniMAHmHlOfbO6WTyjj22GMh3s3YsKy5qXYr4tGOQz0yn1iyILnFBGxym0HfhPSezZbhdc5t5VK2x2UehQKw_1sr47zC6TbrZF2v8jgRueVjm_0exBaujR-wv66sxrH7c4yePGJJSF-qO5bmBgEpVg2LAgxHQlYwhUpz14x8bp2i6GpEfVNlabMx3Izp-6Cd5OOVR1nWwVxeOICyvHfspVU8ixq7MKASn1Y70XQuj8jQHSRNF9VODyUbl-lAss43gUgyXRcAlN1PQKdOnyFBpFhZ7C5tyYBUefiXL_ye0CT9NbcodDay72ikllXfvCY_TJci7iWEGQci1crHrCvBD8Uq7BpYC1FFZt4oQDILdW55SDOY88aKP8yFLJZN5OA2PmtO10JfWnWdhCUEK-RNLUOEP0IpK1tUFvJ-AkI9L4gyeqUsR0AIGCZ-9nqTDlb4n6hAoUPJRRRg3L7JvefhVr8e2V-7UK6tVMLOcd2hp6Xod_CvGk-Gj0vvnhMd0iahFfysDaOnPpPR0Al7puu69nGwKmTysIY1y7Hf3FLs4RYUJ7c20s7fJZfhY19Lu0a_TTcRisRXD_3VRrRQ_wYbmcnsmC5Tc9qXH3yqYgDR16_MPdlN1UcOudcuAT1VUGaSTkzhZHXsk3XtuI-go1g3QlOezUP85mY76-RkJL8YzA5MYvfj6NdAfRkri5i89m_8B8us8V7RWaF_JXbdsXtpoHQxTrZHpuKs6cxWqYTFgU4-fYDX7mVtMFV25sMs95ajpexymHfnVNW6b30jy_WshEmMj5NI0r1QEOYhcNOCqZBVMMiq25zBSC6ZZlGIyct64WzAY0mP60YNUw3cLk83e4o9BPpKmdzyWYDni_9Ws8oRg5EfWIbNW2lOX27xJFvIUVGkxT3MgA9kE3lzfh0jTLQuoLBg63rRV6KGyQ66EnwLf_GULu4-yKKKobAroKTdCkoxhVIHFyeESziA6rudSLBkX5Y_lNsdl1DsPZ43e7fKhdM1REBQyx6jK4gwpRAg5IbgVzh2-pxboOugic4IDUxLCRFKPLzSoEeNtpvxuSUM_O1vl_2aepUuzUd6f7t4GqQtVth79hybHlbOiYKWFt_-YiNuGwD6k6aEq8_DbAMVOZ-xqYXAiOzBVTdS1G0Sc8Jk1BELmWm0PvtW02bsaWlyH2uGMq_kx8RLK0e9M7Dz2k0YnbriZqHyTsbAA04jQuNrEF9b6HJyEb5u_NsLMhmPM4gibQD2kMZmSy5CaAlr2W4Ruql7hffgPsnzQLHY_vXdSSroEqr8Q9E3ZRIsbd6b6T7e4sWiQltxE1_LfsZb2e8BbdKFW4L2fPFcqsy8sI3z2uQtU_urIB8AFCgkteTjbHhv6x9Z5TOMZK5emF0x665lRsZO1EdUCroFWY8l9l7MwIo1UQaCHof5vezxmVhU6QyKxv8_VA1k_YK9PFgApoRYrbE9NpMdPgBTt9CyEJl7aDrxHwaDEokWt-LF2A1kUomZpasX6oHYjywZFPSh7x9_kfTR9N9onWiQlzQRyluRaf6WxShWgCD7MNzKYuknaBnCl4OtK79-rD13sXamxGxZ5b87Xm15P2ShTasWr9JuoCGPw3MAD27ccGTCbFD0ly6BGowwwXYAOvcCBT-YBymE8Fc9bavQtO49fjXLaDWxHBlLFfuo6gBSd7dZxtYgGXFcCxfy-YCiMO41xHf_aczzMbHbap4N_eEtGDVBODebrAMpesuidBSAhJXJ4w-Z0G04Ja78yIK3tW3-E4LgDWIrpiV9QiRm3ojdKLO8HBWTjZWCca1BRDlWb84kaUrfQYeiKUsLIlMAe5tmVHETCbrhom7BAY9z8wSvZIne6VlwTJUlPUQaQAPQv91SLWjugZttdnS_gyRlgTUo&cid=CAASJORodD1RI2Rn4kQ84SxHXEGKVQg9tOd3-sikOnLS1dUJyNXBUA&rfl=2%2Chttps%253A%252F%252Fstoriesdown.com%252F%240
Frame ID: A2E243B81F9AF7E19EFCFA8D0EAD2C42
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 583C78E90A56E0656A25EAA7102EFA12
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4AD3BFBE0C2918319449CF1987BE6A2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
Frame ID: 69B325B9DF62D06339233F7CB227173B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 334E3AB066B26F5B7D4CECF98F2DBFC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24C0563D67BFB071F1222D077FB30741
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 8356C3495E439E8314CF9475DA6FF07D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instagram Story Viewer & Downloader - StoriesDown

Page URL History Show full URLs

http://storiesdown.com/ HTTP 301
https://storiesdown.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

135
Requests

92 %
HTTPS

57 %
IPv6

23
Domains

30
Subdomains

28
IPs

4
Countries

1608 kB
Transfer

3825 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://storiesdown.com/ HTTP 301
https://storiesdown.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyC.NMFiHsAvcKfvsNZe5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1&google_hm=2

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEbCrYaZKcdh0HogtpxwAiE&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyC.NMFiHsAvcKfvsNZe5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1&google_hm=2

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNmOV9RMQQ2iVIUjPdfwI8&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D

Request Chain 107

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHW5wz15jJcB0fCmiwnjXxw&google_cver=1&google_push=AehlK4A_HQcjS-wOWvAxwGzTmZjZRzpwMLz3xuDdebEOGYp1pkJWreLxrsyDIiO9atREwaHWxO-ebMNUrsroYkMSKvtYXu0CkkCa HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHW5wz15jJcB0fCmiwnjXxw&google_cver=1&google_push=AehlK4A_HQcjS-wOWvAxwGzTmZjZRzpwMLz3xuDdebEOGYp1pkJWreLxrsyDIiO9atREwaHWxO-ebMNUrsroYkMSKvtYXu0CkkCa&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=297Yn38DQ5Odg07i8fE1Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4A_HQcjS-wOWvAxwGzTmZjZRzpwMLz3xuDdebEOGYp1pkJWreLxrsyDIiO9atREwaHWxO-ebMNUrsroYkMSKvtYXu0CkkCa

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM5VYC-8rpAl7I-hKC_bf6g&google_cver=1&google_push=AehlK4DpQGlwm4kaS9D5DY9LSjms01OH_mcX0i1AyIoS0_um5cW4zwE_NC1N9uKewNigU7q2mOshXHNvfnT6r2khZWx6CoQMKfu7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgwR1pERVAtMVYtUVJC&google_push=AehlK4DpQGlwm4kaS9D5DY9LSjms01OH_mcX0i1AyIoS0_um5cW4zwE_NC1N9uKewNigU7q2mOshXHNvfnT6r2khZWx6CoQMKfu7

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK_PKXb90laM_1aI8n1fMXg&google_cver=1&google_push=AehlK4D94vr5wNFr5WaTc7e-oEvK_go8PDK4ThVrxcUBadp85abfiQJRW_SXjvx9h50rE2cbnPVWlXsG602sp509pykMbPHwfRMr HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_PKXb90laM_1aI8n1fMXg&google_hm=YyC-NMFiHsAvcKfvsNZe5AAAFDcAAAIB&google_nid=index&google_push=AehlK4D94vr5wNFr5WaTc7e-oEvK_go8PDK4ThVrxcUBadp85abfiQJRW_SXjvx9h50rE2cbnPVWlXsG602sp509pykMbPHwfRMr

135 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
storiesdown.com/
Redirect Chain

http://storiesdown.com/
https://storiesdown.com/

26 KB
6 KB

273ms
214ms

Document
text/html

2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 79840e3941298bc0e758ddbf2c931e8c24ebd61fd459d25579b8bbd345a67cc3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74a29c5bc9103751-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 17:30:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3eoL7ake41a0fAqvvTZze4zJuCFakj9xlGDeFku%2B%2BoJkh%2BX68U4fOulTkwV3SCaHMAcl%2BIJTgNaCYvkYL18YKAmGXcrnreDTTAnEMQyK%2FVrGFR0uK5Da70ENSkheNGtSsUdGZ%2B29jUpkr%2BTJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Next.js

Redirect headers

CF-RAY: 74a29c5b0f2cbab2-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 13 Sep 2022 17:30:26 GMT
Expires: Tue, 13 Sep 2022 18:30:26 GMT
Location: https://storiesdown.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bNoUu7QpxdieEWtY6m9LFiHLuAMYdRAg%2F5LnQnJKLenKk8GwlrLt%2FLxH%2BmMtGXc1iOlJfmr32cxoZuZVRF7N1uoYbqGe7N%2BztcV4d045sCu4RhwOeLcBePDSz5AGB4t1QLU3LoH0gkwAw%2BaxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/ 138 KB
16 KB 94ms
45ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5428148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15800
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-22688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZMrIHJQ%2Frg6DXjjbCJgDzWV0tAcHGkYHQmhfEwdY6dXyLhkT4IXIUsmMOH9p2wxjrBJtmXBFCURxv9ixuJtyNcZXS4y8h%2Fd%2F5E1QvZRUIomDvg7YAvYnPnLrmW8EAySjOuQ1aZaS6mtTy%2FFGH5LTXd3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a29c5dc9c601fc-ZRH
expires: Sun, 03 Sep 2023 17:30:26 GMT

GET
H2 200 e548ba396ce340198da8.css
storiesdown.com/_next/static/css/ 14 KB
4 KB 66ms
63ms Stylesheet
text/css 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b4bfbd058abc2d8404253ef5a0de3264b8b1e60d00f782567915be86813538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"3786-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9N3m41W6cGPYq7c%2BVxIg27rwK3sf5mULdiCfWBpmM9AsPqh1StVls32CNvKWWDqzbpTO0OWsIFiDcz7xRWT8R7PcEObtyU%2BHPcVvFEb2K4srq7w6WHw%2F9cWhpdChHEy%2B5MmUm%2BBkkEXlnKyUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7c803751-MXP

GET
H2 200 main-93258968c121ee28b224.js Show response
storiesdown.com/_next/static/chunks/ 26 KB
9 KB 62ms
59ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/main-93258968c121ee28b224.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32fbfd378627b6e06bb3a55e4cd60c37376a6585b2eb5ca0ab7a5629195a59ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"6774-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ7xEiaerUteQ6LATrL%2BDljPJL3NMFps1WgnDxuj0J9fa4P9J2nkWKmxPc6Deqi%2FidGPuXiE0IMa9pqPno0HdzNIhNtdDgbkwCgd4IEv%2FNJ5uE3b1T4RAuJuESGXA2k8t9jlATQHb7tI%2FQvX9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7c963751-MXP

GET
H2 200 webpack-e067438c4cf4ef2ef178.js Show response
storiesdown.com/_next/static/chunks/ 2 KB
1 KB 61ms
59ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/webpack-e067438c4cf4ef2ef178.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"603-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt7ENP51x8W3LstvyvvRmRjNSnPR6Glj5bU8z7RWJC2FAsKcIS3scxsCTYRqicsdWRJJC7gU1Tjqm03kiy2%2FCFw43bQPJrPClwD439CMmonS7M%2FVNO7nPpn1bXg6TRoaRbBZbneNm4JurAsa0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7c973751-MXP

GET
H2 200 framework.d342f5f3955b7f7d6277.js Show response
storiesdown.com/_next/static/chunks/ 126 KB
40 KB 68ms
66ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/framework.d342f5f3955b7f7d6277.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55087c655b92aab9eff860d5bf3e0c766ad4f02108ba4ddcfd2df0dea59dcc5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"1f8b9-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4VDeX20iv1b4mYcphnoVSLcqIHnNferVPQR8TsIHkwlJ949r59P8zWEJ9i8SqhIgfbDzE8fdZBqHeF7J9PN7sF8XZNXGrpd3Ac9b3EibVmvgDExvd9q4Zm%2FXADv31zt2gxzNcAUKwQ5f6c0xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7c9a3751-MXP

GET
H2 200 commons.6c9a0abfc2525783447f.js Show response
storiesdown.com/_next/static/chunks/ 40 KB
12 KB 63ms
61ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/commons.6c9a0abfc2525783447f.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e9484aa98773396db2247992566783c0fefc024534751c70bee4572e992fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"a04e-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQMF6Z8yD%2B9vs8AmuCLFFIy9sMgDmhaeh1Ok81n6v9YeAJcF5u9FcJPgSr20unSX6Z068t453sOSzw%2BkYTu5bUw3KevQr%2Bp%2B7r%2BkX9IKPI8yom1McVb%2B5JX2Ihe48HNsgWoEBAJypvVmnNo%2FmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7c9c3751-MXP

GET
H2 200 _app-517bb749e05305498f05.js Show response
storiesdown.com/_next/static/chunks/pages/ 29 KB
10 KB 67ms
65ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/pages/_app-517bb749e05305498f05.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513bf34604e9e7860aef61a613f9b2bfd91c8893594caa25f75feef7edf34b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"735d-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOB7gnVEHO1eGjrVuydF%2BNXGLgxw4PO84jY0o5wevwZu6tl00IeQ6sa0JI0Xt6fr1CSIADwtbqySbCbKnunZk6zueFDVg%2BB%2Bs4JFm9Jl4IZInJ7HbSjiDAwAvzEf2mzJxQtFGUQPWZmA4a8hVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7c9f3751-MXP

GET
H2 200 5e7f127616aeeb94213a5a078f1d094a24e2ba31.505f1a9356f5e0665f5f.js Show response
storiesdown.com/_next/static/chunks/ 32 KB
10 KB 64ms
62ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/5e7f127616aeeb94213a5a078f1d094a24e2ba31.505f1a9356f5e0665f5f.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b71e88c89227ae328408fe8d5d237823c86e52231da8c83ca7df93d47bf67a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945607
etag: W/"81ea-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC2C1icCktov473S6EnE6%2B%2F58wQYq%2BJPCoKmVJpRQjx0OdFp34xo8LiPVwr03TzX2S6JQhqP0c2ZOJtMLiM9kBE%2BUl6PpL%2BmBT6IGwNY0TzfFbt0hXi1k%2FXtAH1fy3JJo1I6kwvsYamkLSXG%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7ca13751-MXP

GET
H2 200 ab16c389b7e931584408341dbb645be399a6ad51.82d603817966f360a766.js Show response
storiesdown.com/_next/static/chunks/ 14 KB
5 KB 62ms
60ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/ab16c389b7e931584408341dbb645be399a6ad51.82d603817966f360a766.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfdc899acbfcc65a0a9a522cfc0ef7eabe9be878d4981c59b6c36065d1b9509f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 11:40:27 GMT
server: cloudflare
age: 2440169
etag: W/"363d-182a6747a8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWNIgLO4kgVcqkqsxPCs50TQc6RWCS3fTxW%2Bdr9sWF6WBpvdkO0Z5AjY%2FwQf3yA0LRWkNq3Q1HlyTFzzuF%2Fmum2XMDfmvcE%2B0hi8YDlFWb7utBZ11g6Q8gs5KaRgr010YaUjL0rHD6Zwl%2B0Q4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7ca23751-MXP

GET
H2 200 f9c6f374b31ead2db299dfe2ee28e5e1746a9234.74cf5b72cb0ed6e5f272.js Show response
storiesdown.com/_next/static/chunks/ 77 KB
21 KB 91ms
89ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/f9c6f374b31ead2db299dfe2ee28e5e1746a9234.74cf5b72cb0ed6e5f272.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 916f8b37b985e5dc263066132fbe2fc4f86b8b45efbdc60495d645c08892f805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2022 07:44:33 GMT
server: cloudflare
age: 2281531
etag: W/"132b8-182afe93968"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaDX1118VMnQVqupw7JE6vLKJ0%2FLOIKos7KJ6%2FCeSY%2Bpa9OpOOuH1ybAuk6ZwJo2MCUy8Io5Bl3SNQnLPAJoPHdYbCgsL7gcSmZuZYZLCjdHto6tFuFkEAe595Fm%2BIgR0e6RsEZkh4lxQT6LFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7ca43751-MXP

GET
H2 200 index-8e0b637caa558b152a9e.js Show response
storiesdown.com/_next/static/chunks/pages/ 3 KB
2 KB 65ms
64ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/chunks/pages/index-8e0b637caa558b152a9e.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e65be57ba022d1f05cec2f93cb6642d111c1105882dd7a04d4f649801c7d420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 16:33:11 GMT
server: cloudflare
age: 2336227
etag: W/"dd6-182aca6d78d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iiud1v2QeKMfnXdhSpTkzzMUgfUI3J2x8dkTtvDgsevCV1kY5KVMstPFbFxNjwL%2FV89BdAJz734jVXotMRMYeylclfvr1%2BlEE9MZ4JH7CJsutax1K4TtyPRPTIomOrd9EBxayHLRkrPXV1CKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d7cab3751-MXP

GET
H2 200 logo.png
storiesdown.com/assets/img/ 14 KB
14 KB 169ms
168ms Image
image/png 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storiesdown.com/assets/img/logo.png
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3d1b38f425b27b78fa85b6856644ff546261400ee3a2835c9925ffcada6471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 06 Jul 2020 09:06:15 GMT
server: cloudflare
etag: W/"37c3-17323603a6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BEB75d76Ce5kUhM67rDxwmFMYIDsTy1SljrFRbjCsAy7ThwGITKnUStwXsff6EnSJD4OBsQKp0j4tMmd4hfnv4dedPlwlLoHGZNUBNy4kvP51I5OxQQRIWfCr1MSW37yqPVbs1uCi%2BbmZiStw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a29c5d9cc13751-MXP
content-length: 14275

GET
H2 200 no_account.png
storiesdown.com/assets/img/ 604 B
916 B 180ms
180ms Image
image/png 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storiesdown.com/assets/img/no_account.png
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b47d2deee49fcf6b0250bab75d46664b42ead56ecf2510ee17d5301ee33b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 06 Jul 2020 09:06:15 GMT
server: cloudflare
etag: W/"25c-17323603a6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZRo9xiVKB1ZFcf%2B7TNrGV99POOuBpt85hOUV1PiM3%2BqHV6srDZ%2FnDgLjDYnYs8gZo0npETTauyhvhBpoFQ%2FHlvr%2BWfUlLML54Ga%2FQtYItgj5LCrF66EHI7e5aMP3u5xIfKRfKAw2chBBfBy2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a29c5d9cc53751-MXP
content-length: 604

GET
H2 200 anonymous.png
storiesdown.com/assets/img/ 2 KB
2 KB 161ms
161ms Image
image/png 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storiesdown.com/assets/img/anonymous.png
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88339ceb8845c5c33c3723412c79d369336b75da11ca03320bbd7493b02bdd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 06 Jul 2020 09:06:15 GMT
server: cloudflare
etag: W/"620-17323603a6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RWm149j4YD%2Bi3jdmUSzARrzllRqvHWGPh87d2ufhkPy49wT7Rn5cYahTKctSClKSncdLG8rp8giWL5w30ckcAjyL69%2BC7IhQLW4jHhf4tSMN2STxwuQ2OPg7g5%2BzrRZ27EJQwmW4YUKvC1GrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a29c5d9cc73751-MXP
content-length: 1568

GET
H2 200 download.png
storiesdown.com/assets/img/ 2 KB
2 KB 171ms
170ms Image
image/png 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storiesdown.com/assets/img/download.png
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce326c98101b1361692792459fe021070cf63ec7bc4b5dad746ab8d23ea3edba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 06 Jul 2020 09:06:15 GMT
server: cloudflare
etag: W/"895-17323603a6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkWkBrUuF2XVJFFtlZ5Jx02Or8Ln9YwKFSvv8LQlzZIxeL79NI8fkuVlX20z05eADTv6FZB81P%2B4%2F2Ckd3LJY0rQmR3oHMYJ7rY%2F%2BhPr%2BllVFU8%2B9F5NvjsarM2fWKgTNCERrit4GhoDeCuUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a29c5d9cc93751-MXP
content-length: 2197

GET
H2 200 email-decode.min.js Show response
storiesdown.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 88ms
88ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storiesdown.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Sep 2022 17:33:45 GMT
server: cloudflare
etag: W/"631b78f9-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niM%2FUbOEGskVMQa6n%2BsKgyd9eh6Ue1Xh2q%2BVUwGgibeaUDNKNtV9FfAwogQAUYnRWEfUC5ILEcKzHvpCyiAVRovLgEkITIdW3YgJKWUtSrSCKSGPKX2%2BGe71n73TX%2Fuj3%2FRAD%2Fei2xcI%2F6O3Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5d9cce3751-MXP
vary: Accept-Encoding
expires: Thu, 15 Sep 2022 17:30:26 GMT

GET
H2 200 Comfortaa-Bold.c6eb380b9f8f0920f934ed70d4698e08.ttf
storiesdown.com/_next/static/media/ 132 KB
63 KB 45ms
44ms Font
font/ttf 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/media/Comfortaa-Bold.c6eb380b9f8f0920f934ed70d4698e08.ttf
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b82ab5fdba8e0147e38e89237ea4a430f0d7017c313d9b8e56a309acde756c0

Request headers

Referer: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Origin: https://storiesdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945595
etag: W/"20f04-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKxT%2FNKn8XMC0s2ZxDJh8J0nP9bevC89QSShm4xxVdnGOyv3KI2McnO91G%2BBeIKPfvLaNwpdtJUGLVA3d4tDlE5FCem29Lu9aKq0HQ%2FOPk0JrLeVFS398blRy%2F27lx1tMPzeEgMkBVMmtz%2BXiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5e0da53751-MXP

GET
H2 200 Habibie.203430e32a6179cd1ed80ca3e13fc156.ttf
storiesdown.com/_next/static/media/ 109 KB
46 KB 40ms
39ms Font
font/ttf 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/media/Habibie.203430e32a6179cd1ed80ca3e13fc156.ttf
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfdbf4a417af7db9e516fde6702fae84a12dbbfbdb33a6530a79209b619914f3

Request headers

Referer: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Origin: https://storiesdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945595
etag: W/"1b4c0-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyYpWy5Z6hQg1buQTKNgmxl6yc%2BL%2FOYlKubk8BBhMF9yIoA%2F7pDrGb06ZCuhLNEKD%2FItPBEtBXCOqMFlz1p7do6R4pTb84xSGJ%2F2LXGx0MKg%2F5m6eusDqakBPZ4zo9VhfhEnPggqGqhMAkuPFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5e0da93751-MXP

GET
H2 200 Comfortaa-Regular.886fcced57daea5944e76e144f43408d.ttf
storiesdown.com/_next/static/media/ 132 KB
63 KB 42ms
42ms Font
font/ttf 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/media/Comfortaa-Regular.886fcced57daea5944e76e144f43408d.ttf
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aeecaf4c799f24f22e871a6f546ca89116cf11288c7a8ff42f11401dd5445c6

Request headers

Referer: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Origin: https://storiesdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945595
etag: W/"21088-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORkAN8t0nOQBMLf1%2BIIplSrLE%2BOk9wFePXhg3DK4vETmdkekuWDafeuhlhQ9WJ4YYxKGue8%2BRGsJjecfGvUuSWHHxKx1UwcXOg5tUwJFThEgeu%2FQp%2BqpVQ5iflaqtPt0P7OZ32QhvQFE4WD%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5e0daa3751-MXP

GET
H2 200 slick.295183786cd8a138986521d9f388a286.woff
storiesdown.com/_next/static/media/ 1 KB
2 KB 41ms
41ms Font
font/woff 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/media/slick.295183786cd8a138986521d9f388a286.woff
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://storiesdown.com/_next/static/css/e548ba396ce340198da8.css
Origin: https://storiesdown.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 15:16:26 GMT
server: cloudflare
age: 2945595
etag: W/"564-182885410a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzxiZ4XS0GUCgogRYlPUHntD40M42qplYKzQi9xWQI5eb%2Bd1UaFxmxRqIzUmQIheafARdvuLSFYaBis8CwnI1lQpEQz%2FTe1HRaV6czBrVhedzbJV3sct8GyVx%2Fpx%2BXfcAyc8o6qXRP0ntZdUxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a29c5e0dac3751-MXP
content-length: 1380

GET
H2 200 _buildManifest.js Show response
storiesdown.com/_next/static/1_3ZO1dH0LygQ0MuWoqmC/ 3 KB
1 KB 44ms
44ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/1_3ZO1dH0LygQ0MuWoqmC/_buildManifest.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2716e4cfbd7684b8ff6bc346578233356fad30563c76a86997ed614f7023982a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 06:34:43 GMT
server: cloudflare
age: 471298
etag: W/"d97-1831bced6aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcMsQFrWSamYMXWIHwUFfeeImm%2BSotjLAmuo1jxxjzGTdNLtuo3mWmLVyO0rTh3xj2jAmXUmLFKBwKjaBqnJLmNCDpweOKKr8XG7rORDhYU6Y702IUbmKEScghfNQiTbcLWQWMlNrcGys7463A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5e3dfa3751-MXP

GET
H2 200 _ssgManifest.js Show response
storiesdown.com/_next/static/1_3ZO1dH0LygQ0MuWoqmC/ 76 B
438 B 37ms
37ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/_next/static/1_3ZO1dH0LygQ0MuWoqmC/_ssgManifest.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 06:34:43 GMT
server: cloudflare
age: 471298
etag: W/"4c-1831bced6aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jzfj22g23dOUoZjUJnY1jFjmi3uwV3iCW8koBxLdoz3KulJ7OkbhQH09COut8B9kfE8utCl8IDB44WfVcjvi8%2FRMLCDWjwB1W4uM8lp3mRIZAqGA%2FtWbdGvbLYFrq5wg6O6H1CyWwKDJ%2BPDVJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a29c5e3dfb3751-MXP

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 292ms
125ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/_next/static/chunks/5e7f127616aeeb94213a5a078f1d094a24e2ba31.505f1a9356f5e0665f5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

947796d8a17c209cc5d1373fa2c987f61a4249c4adea903fe5ca4d7307985926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57733
x-xss-protection: 0
server: cafe
etag: 2732651062160866079
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:30:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 182ms
15ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/_next/static/chunks/pages/_app-517bb749e05305498f05.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1707
date: Tue, 13 Sep 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 13 Sep 2022 19:02:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 186ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KZR37RC&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f8d48ebafc9af4fbbeb3ca26e4528e96c7b909d1bc10483fc9b926900586ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45303
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:39:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Sep 2022 17:30:27 GMT

GET
H2 200 ZNRLRIy.jpg
i.imgur.com/ 13 KB
13 KB 173ms
21ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZNRLRIy.jpg

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8b4c77a5be1b8dc9ba4d89d73665264bb0b737cc1d423b11c376b02099219a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
x-content-type-options: nosniff
age: 3036709
x-cache: HIT, HIT
content-length: 13045
x-served-by: cache-iad-kiad7000178-IAD, cache-fra19169-FRA
last-modified: Mon, 15 Jun 2020 15:01:13 GMT
server: cat factory 1.0
x-timer: S1663090227.140017,VS0,VE0
etag: "46ced2700f8f7b6e5cd6110170715158"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 16

GET
H2 200 IhdHyzS.jpg
i.imgur.com/ 19 KB
19 KB 167ms
16ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/IhdHyzS.jpg

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0b7a4973a5ef762858ec7bb858225e608aa0b17794249b982c07faebfaaa74e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
x-content-type-options: nosniff
age: 3040422
x-cache: HIT, HIT
content-length: 19075
x-served-by: cache-iad-kcgs7200132-IAD, cache-fra19169-FRA
last-modified: Mon, 15 Jun 2020 14:57:59 GMT
server: cat factory 1.0
x-timer: S1663090227.139983,VS0,VE0
etag: "224998e9c8ec80b032b1268459fd78a2"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 mdAyI8K.jpg
i.imgur.com/ 17 KB
17 KB 167ms
16ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/mdAyI8K.jpg

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

870bcab4e803ebc9e15f6ecd726c2b553dfe9f986844240ac9e20e7cd4622244

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
x-content-type-options: nosniff
age: 2344822
x-cache: HIT, HIT
content-length: 17461
x-served-by: cache-iad-kiad7000028-IAD, cache-fra19169-FRA
last-modified: Mon, 15 Jun 2020 14:49:51 GMT
server: cat factory 1.0
x-timer: S1663090227.139965,VS0,VE0
etag: "078b259acd3f65badaefcfc247012aef"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 7

GET
H2 200 dqCNgRp.jpg
i.imgur.com/ 20 KB
20 KB 185ms
34ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/dqCNgRp.jpg

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c78d253689d8e95b40ed028fcb10a935e941fc366671c06471f83c6833c66234

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
x-content-type-options: nosniff
age: 1621668
x-cache: HIT, HIT
content-length: 20373
x-served-by: cache-iad-kiad7000080-IAD, cache-fra19169-FRA
last-modified: Mon, 15 Jun 2020 14:45:51 GMT
server: cat factory 1.0
x-timer: S1663090227.139946,VS0,VE1
etag: "998a2be3cae97dacd8d25454270a9439"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 invisible.js Show response
storiesdown.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 151A 33 KB
12 KB 36ms
36ms Script
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663084800
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e33dd63c6aa372e6eaaf540e31a58016b1c21470ecc7f39916306c49f3eeb10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIuaXFCBoFuOrySrtZQ7EbfD%2FIB0YnOMQHCJuju1M2GrusOli5DZ4XtYEBTcldYq2rvrJGSmI0b26AxgDOcEFc8hp6%2FjYPUNy8FOUCH8bAOw%2BC7Y7PL6SgpqiG8GruDssbRd%2BXxnqSfIXD9%2F8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74a29c5ecef03751-MXP

GET
H2 200 pica.js
storiesdown.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 151A 26 KB
9 KB 32ms
32ms Other
application/javascript 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48e1cbdaaa1cb95b685744d06b6f190cdc12ef36d27e386e947dcb092601e59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyevSO%2FgRaJm8FPo7lEPmM%2Bu%2Fm7iEd6pZk8rsuTfNpwIPp%2Feq6ffdKr%2FLQSND0ch6%2FwMGbnhSfAroxjQtyFtHtDbDSHaAK8mNzBfNMwgVzvHhwbL5aH0K52ZlIsLRMNC6e21uj9dNTu6eFGAkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74a29c5fa8a53751-MXP

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 25ms
24ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=66467653&t=pageview&_s=1&dl=https%3A%2F%2Fstoriesdown.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Instagram%20Story%20Viewer%20%26%20Downloader%20-%20StoriesDown&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=71304966&gjid=330715176&cid=719241268.1663090227&tid=UA-169731965-1&_gid=193684922.1663090227&_r=1&_slc=1&z=1211702758

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://storiesdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://storiesdown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 109ms
28ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-169731965-1&cid=719241268.1663090227&jid=71304966&gjid=330715176&_gid=193684922.1663090227&_u=YEBAAEAAAAAAAC~&z=755983990

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://storiesdown.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 13 Sep 2022 17:30:27 GMT
content-type: text/plain
access-control-allow-origin: https://storiesdown.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 106ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9461418923686817&plah=storiesdown.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0464850d61992280189e3aec50a21e8a186fa2561da4b6b452bfe0d29371d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124741
x-xss-protection: 0
server: cafe
etag: 5360925698493535740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:30:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/ Frame 9CA5 10 KB
5 KB 59ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 15:26:22 GMT
etag: 8616628553774171045
expires: Tue, 27 Sep 2022 15:26:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 74a29c5bc9103751 Show response
storiesdown.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 151A 2 B
545 B 70ms
69ms XHR
text/plain 2606:4700:20::681a:90e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storiesdown.com/cdn-cgi/challenge-platform/h/b/cv/result/74a29c5bc9103751
Requested by: Host: storiesdown.com
URL: https://storiesdown.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663084800
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:90e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a29c62de1f3751-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18GiUwWGDaDM4W5oRlzFrO8vn4tvnXhrNLi81mm%2BKeOgFxaL%2Bra96IrR%2FB6uocBx%2FnsviLueirEoNNyT%2FownUmcj%2F7iEa5QUZhHIPDkFxJtOPJXl8X5050lHBqoMnDv%2BBGXeRyZctV%2FcsX4y0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
649 B 68ms
27ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=storiesdown.com&callback=_gfp_s_&client=ca-pub-9461418923686817

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9461418923686817&plah=storiesdown.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

4fcddb7b2d3bc90e34cc5230200b034212bf742014003f8aac4380bf7ef241ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 81ms
26ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storiesdown.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 67ms
24ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storiesdown.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CF7 101 KB
39 KB 326ms
292ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&adk=1812271804&adf=3025194257&lmt=1663090227&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fstoriesdown.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090227322&bpp=10&bdt=598&idt=358&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8171747347928&frm=20&pv=2&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aa827c699085f8b07ac0c24f3c001925e6cebd2fc1e4551e0dc91679294bdcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39745
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:28 GMT
expires: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DBB 86 KB
30 KB 553ms
529ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=280&slotname=8602148905&adk=1861670446&adf=4155832853&pi=t.ma~as.8602148905&w=1094&fwrn=4&fwrnh=100&lmt=1663090227&rafmt=1&psa=0&format=1094x280&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090227332&bpp=3&bdt=607&idt=387&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=253&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0Bv4qyDWNk&p=https%3A//storiesdown.com&dtd=393

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b85e8880c48d4cc0d5e50199e6ab895f2cd8173472386049d1a325fc070139cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30876
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:28 GMT
expires: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f44e37ff610820517d77683ad15373fcc854c3f71e39283d1b5d83a0ae668c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54571
x-xss-protection: 0
server: cafe
etag: 3062376441956821028
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:30:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-9461418923686817&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-9461418923686817&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7&apv=20220907_085002&sat=1662925677612&afm=0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.143&alldns=0.189&allp=28&fd=(0%2C25%2C5)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1961&abl=false&rr=n&su=storiesdown.com&pvc=3903197890054829&r=0.1&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 61ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storiesdown.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
24ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storiesdown.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 269C 21 KB
10 KB 549ms
549ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9a273b0b59f302a5a6c290a6c7876ba6121c9ffc7863d8bb1e82070f01cfd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10223
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:28 GMT
expires: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-9461418923686817&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storiesdown.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storiesdown.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/ Frame F5B5 10 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 19:38:00 GMT
etag: 8616628553774171045
expires: Mon, 26 Sep 2022 19:38:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C052 624 B
300 B 53ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYlPXW0QEwAQ&v=APEucNVzzS4q_G9nPJ3OFlss5hZbwW6fCti83JWONmMqE1ryTqNlUVsCi5KStSkYO4KhFz54ViCVbLIqwccaNEouCTaIrqlAmnhbNTsCyAcI4D_Jb5uEpT1QOFfZc8vP7bVW3gV0kKTmEz32VhIpZs7Ghc7DmRN50t7nAqbY9tPk6-7fN-BistQ

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:28 GMT
expires: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/ Frame 81A5 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 15:34:12 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/elements/html/ Frame 81A5 6 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 16:26:03 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81A5 0
622 B 109ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuNqPdcOVtnzwMjMAFekc8soK9AP3CaJo2Ehxoy2_2ebXwNRZG5V0IguKKv-kpLbc4IV1vUNAU_65Br_3KnEiG2DA-biECY6AwAMRbMF9LVQ5rw_YSEEWa4jjDKr101871PS36ozXMwMxlR5vQ4vJvSX9D54yNdGrUUuQU8lKeQ3dAm1OyB3QWo8VN8018SiThoAZIovdXSAV5uDywnaRYDKql1mwyZoUmyADJk3ZVEXCUFacZ2LxgESjX9K2kk1tTKcwsmWJCtoqCAmzD_IShkCvm1UoRd0bLfCom3Ozf5xuxOFqUDX5nphC0Anyfj19dCAPXQ2ZyF8Porc4-qKz6yS3UpVw34gaBfdA0x6BiiO4Imi2qCS5tUS390zb-UsgXssCMd9a3fVGiGVlGvjDvmLbOBx03Sga2mm4nCIwQEcofH5dfXQT-Cm9l7LCao5-tLtyWHdaaWDujOEL04J9pYMUXTPwD56AsTyDVY58uvLT9jcQVMkmla_Rw8vkPKkT1Yt_6b4t-E0vgSqG5D--Loy26hB3eZrnaoQT-ELZmwYis0Cx-tpOqltN5AyIZSe_0GiIj6R0XSMZDh-HOWDa0Mx5R1IAfmIKd69e87rB_00pKFek1FopR6oCBYlj4NGS_TxdqJTyye3UZRh6ql7GfSR8dxenfyS7Qim7DnDAI14ucS29p90uwZ2QcJT481qk4e7KcYcf49KBqQ7-kFn8csL0XkKKhC8DsO_VGBALnOvSRUDhCRahjHVMfKmsqaUzzS21vhofFfmFdL0XwYuaKZ2Kx1BIUWghLGiGDVIeYqunsKqJGpeo139dZ2ye1DpI8Iqu9_xfAHUG8iAQCqpAitoJdBtw4IrGe5R298xbvGpK2fEng6Nf-preBBjddIwfN3fQ4VnUM5m0aS-5Y1GtmOfUh_1COx7WsvLNSz7mi8QAlqGivJn_3nxKyvzdGdr2-rDXBlyXL9VE9X3l3onLHF280l96Poh_lzIkNvXSHLqxex6_c4vtpVCKSlOCjy0JV-zIknCEvk0ZlgHjP5-9ZqHxWBj88zXmZvVQC6Guqp-VA5t5h8m14sistg39XacSVvomDc6FHbTgznVx27KPuDUoCLHYGYYaPcC3ByID_kW7UglP98xYHXzMP9Zwl3H38KUw-&sai=AMfl-YRQD96-1RWfix2U4af45nlhZb1FQwn0QEB4X1f8cE8MbgweDWkE95BXNwMNjhi8rPtK-Lu7ClJPrGJ0sXfyTIYQsvNpcWnPUEz8NFjU-kSgRguWsLySxCja3VCNGT9Z8TxWJxMcPMeRV9h2F6-ijq82f9dEUHzfDvHuFhJModziTmE5y30ajZ1ycH2GDxiwBBBz&sig=Cg0ArKJSzLnvEPScQEHzEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220908.02826&adurl=

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 81A5 41 KB
15 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 81A5 3 KB
1 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:22:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 81A5 17 KB
8 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:28:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81A5 142 KB
44 KB 72ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 17:30:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81A5 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CohYvbMvtAwiZCeONn4NIKzxwZ-LxH3Vym_CNU8I37sptC-fwEAOZ5LLwYogyyvWbcvXYgoTGGV7_I4OT6acZGAQDrOaLD7CLZZ7kiFuKQ6E3_2lU

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16697894635236395280
s0.2mdn.net/simgad/ Frame 81A5 72 KB
72 KB 83ms
16ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16697894635236395280

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220908/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

092ef5f663f7a25de5ec7c9d1a20ffee211e57af768f91f724df416d27ab6381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 22:03:07 GMT
x-content-type-options: nosniff
age: 329241
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73336
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 14:50:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 22:03:07 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C052
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1

43 B
843 B

76ms
57ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYlPXW0QEwAQ&v=APEucNVzzS4q_G9nPJ3OFlss5hZbwW6fCti83JWONmMqE1ryTqNlUVsCi5KStSkYO4KhFz54ViCVbLIqwccaNEouCTaIrqlAmnhbNTsCyAcI4D_Jb5uEpT1QOFfZc8vP7bVW3gV0kKTmEz32VhIpZs7Ghc7DmRN50t7nAqbY9tPk6-7fN-BistQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a29c67a9a09b55-FRA
pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F2t9pxFmtij9hg1g9cP5cjIeh%2BhwXhALIkxOhknVUbNJDLt7nFZ1SzbQswOGE1ADi2zE7iTDwg%2F55%2BZeFwee1AjT8AX7yGSgFg5ZuNqUZtPjlAhMkVVYSRwcYDLUXDCgb1Y3CqfZMlhmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C052
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyC.NMFiHsAvcKfvsNZe5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1&google_hm=2

43 B
851 B

36ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYlPXW0QEwAQ&v=APEucNVzzS4q_G9nPJ3OFlss5hZbwW6fCti83JWONmMqE1ryTqNlUVsCi5KStSkYO4KhFz54ViCVbLIqwccaNEouCTaIrqlAmnhbNTsCyAcI4D_Jb5uEpT1QOFfZc8vP7bVW3gV0kKTmEz32VhIpZs7Ghc7DmRN50t7nAqbY9tPk6-7fN-BistQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a29c682a6f9b55-FRA
pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fv8l5FDZlgwFotr%2F25iljopyuLhRuy8L5%2F%2FcJpjsS%2FOP4%2FnAvs3zp%2BeMS2v6W49lG%2Bwk66BTfDaQbmiO12enTLrO%2BA0EFMDa8eihZDISr5znpI%2BFWPGQVBWln0yiw1NjDe%2FlFL2WJQAWuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC9jyuxbJDm7zWS1gByxwCA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C052
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEbCrYaZKcdh0HogtpxwAiE&google_cver=1

43 B
1016 B

39ms
18ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEbCrYaZKcdh0HogtpxwAiE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYlPXW0QEwAQ&v=APEucNVzzS4q_G9nPJ3OFlss5hZbwW6fCti83JWONmMqE1ryTqNlUVsCi5KStSkYO4KhFz54ViCVbLIqwccaNEouCTaIrqlAmnhbNTsCyAcI4D_Jb5uEpT1QOFfZc8vP7bVW3gV0kKTmEz32VhIpZs7Ghc7DmRN50t7nAqbY9tPk6-7fN-BistQ

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 17:30:28 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b9a03b4d-fdd8-4a69-b270-d51458d73557
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEbCrYaZKcdh0HogtpxwAiE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C052
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D

170 B
188 B

66ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 17:30:28 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ccab3234-7838-483f-9db9-55aa1a696e71
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0DBB 6 KB
1 KB 66ms
26ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=280&slotname=8602148905&adk=1861670446&adf=4155832853&pi=t.ma~as.8602148905&w=1094&fwrn=4&fwrnh=100&lmt=1663090227&rafmt=1&psa=0&format=1094x280&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090227332&bpp=3&bdt=607&idt=387&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=253&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0Bv4qyDWNk&p=https%3A//storiesdown.com&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 16:15:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 13 Sep 2022 17:30:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Sep 2022 17:30:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 0DBB 2 KB
902 B 67ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:21:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/ Frame 0DBB 23 KB
9 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 15013890920676311251
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:20:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 0DBB 3 KB
1 KB 60ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:26:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame 0DBB 17 KB
7 KB 54ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:28:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DBB 142 KB
44 KB 60ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 17:30:28 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 0DBB 33 KB
14 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 14:45:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DBB 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7CtVM74gY62RM9aUvPIPiNqFgAmMpMKyapv6p76EEKnpzejWCBABILm0_3xgleKQgqAHoAHusdTBKMgBCagDAcgDywSqBNIBT9Cw7QpGzZWSTJEYc9bOOEy2Sdu_V7z41HnY9hTH_25jkpw1AxXIxU7EzVE6SoH2c0uSOzMITWc636S6D_tbfBsZVTJ0K3c7fy-TdJWVFixR3SgkQ_nd2b0xMEk0h03wCbRiTFuunLTCLTCfOpVvh0DSeD88J9I5yjQ1QvRe_3R-vu9BuFL94oQ-EXIgKRnJiBWspX0Rbad_g96vLlT71zrXNcw1blmCNKBj6nesANJrVGuyAnybTcCEA5xfUD0JCEHVxMWqMyM0x9O_eDL8r0DZwASK6IfZgwSgBi6AB4Th7KcDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQlqAg0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMDiBQD0BUBgBcBshccChoIABIUcHViLTk0NjE0MTg5MjM2ODY4MTcYAA&sigh=dAB4OVL49nY&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=280&slotname=8602148905&adk=1861670446&adf=4155832853&pi=t.ma~as.8602148905&w=1094&fwrn=4&fwrnh=100&lmt=1663090227&rafmt=1&psa=0&format=1094x280&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090227332&bpp=3&bdt=607&idt=387&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=253&ady=354&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0Bv4qyDWNk&p=https%3A//storiesdown.com&dtd=393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16029847503492056398/ Frame 0DBB 20 KB
20 KB 47ms
24ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16029847503492056398/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5d826ef687e1643fedfdf28a12730e6c8bf3c468838c219275a317ebe64f3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:51:18 GMT
x-content-type-options: nosniff
age: 549550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20013
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 11:53:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Sep 2023 08:51:18 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7562969961515218609/ Frame 0DBB 1 KB
1 KB 52ms
29ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7562969961515218609/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3a343cc32a10ea5f90f1f32a28fe81304c76107473273e0e7de846bff3e8376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 22:09:44 GMT
x-content-type-options: nosniff
age: 156044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 11:14:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Sep 2023 22:09:44 GMT

GET
DATA 200
OK truncated
/ Frame 81A5 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9de4546179c4cff17c0365d7b1f19d7a42610e023d0c38540238dd395cb4f9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA6B 22 KB
8 KB 21ms
18ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81A5 0
26 B 88ms
55ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 0DBB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a86173621bce571931e2e8236b96e9f1e8c15f5582742fc1bed2991b65e59316

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame DA6B 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DBB 15 KB
16 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 89443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:39:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DBB 15 KB
16 KB 58ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 89136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DBB 15 KB
15 KB 68ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 360179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 13:27:29 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DAE 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA6B 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCSprM74gY9W_MNK1twe2qq6oCgAAAAA4AeAEAg&bg=!uLulu__NAAZTikH4c4o7ACkAdvg8WorUC4Nn-SXoj7xtK6B0Lo0PR2syOxCcnRxGi1wCm8LbhtrBfQIAAABpUgAAAAJoAQeZAykuPWeJphTDT9Yf-B_EgwNr6DSCJLg9tGRffLDI4UgajxdGVFUGbcWIHZmwC4ol7g06AWZoNPbSL9SKIoMZ-aQ-ssW4NK3hBl7TzKEuhlS5dajayCsvLfsJKZGCZa8p0zeE2RJ5_6HQPwKSKupPdlu57RvLBLb1NCzbcG0IJgTpgWw-hPJrnkmVHDaRrSf4KB5_yaL4G5d29WQ9NhAcXLKQaCbrpyXImSnxNH2CiYzdihoPjgjVEOdeknmn8j-0Nlenp0wvHqa-CEN07et4LVzHzvtjveKupU4I6hrWI2JSHtVXvCp2CtokQcEank6aiMWeuz5kEXN8Au-Y95vMMS3ooeHrg6ST-FjLhMGbpdUapm1pcGy5tRsHBzVHJMJ0RpVzDEBA5imUOCgjppzlr8aqBkpKQoJAwmN3Z8hlsFWNSI0kBRedv8eXhogtogFT6Shd6ElMt4454WPNxd1JOPjvSgTBwillvHz6JcjAO5HvRZ5dW-eCnR1Gs8oBhuJaSWC2SiFYD0xG8U0L9zQXHlx7OoW_gnGVJ165OLWgLhxfG1MVJuphBHXLv_p518hp-WuE8aE97q_XziRRvIYpZXzd6yxnfQU8qjPheAVgTxk3JmJ6YbJP-3NY3OXAkL_Y_pRIOe7kkprwLsDwJQtDqerRQ88epY3nGnZmZIFRjRbd-7k1z05adTzXfaPug3Fi1y2IPsEuqgplUt6Dsdvz0-8dRfLfFnag1MOmEBlUbyva-dB7tgJk3UAJCAVO6UnGTopbkG-DIkPNNTD4-gBfQHQPieoG7G4V_5_Jws-y9AhkVvv3m3_WKsSuawYLuIOkflYea8-LVTMiIZmX9dDpt2hpO9GRZeo29GynJdIb5LevFw-L9MWdCJ-iZn09iOaR68_lXlDRlSYZWPjwSx8eJyT9qkkeOAUBrdcLYQ3bsFfTjKhHuQWBgmZX065fG07fNmeoQq_teFjh-vMmIGpcmu24eSjAMvGvtXWC7QXsGoEHPPan4JdbpN1i9XgM2rldf-GFILo7lXlbHG2LE5JgJxQMK7X54napUPEmg6zRbmu2NRd6YCHLhXkDIA

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8800 624 B
297 B 54ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARig5qXQATAB&v=APEucNV94mi-uq03I2XHCvDFZWcqzsqdFfmowaqHl-xT_5pOY95W0OliHEqbkzOO7rhs9dzAKk3cEQkdiTiHpU05VBMBzh3WcMnZLyQEwiWnfYE-DjpCBX4Mzf0Lxfezws_U_4ccb8Snz7elRV0g8sDXJxrt-z5xHMxAMtyAgjxQ7zqJkiny0Ss

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A2E2 85 KB
34 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaMev61KyGzaDFpqtmZC5q7OW9w-xMDoz4tbJ9UhLjikQHF7eC94L0QVZKbteT5GYqHRmagqfRc0ejrUI-meWL-VGvoHGzmXv7vt7bsZ113hGgQZw58ZZMvjOIMElIb1EjPrLlZ7DbRRBiV_25gA1FfbHKNg&dbm_d=AKAmf-CL9uvO0xrRAWaAfl8JrCmX28bzmBu9EgvcwT86yjI255ioA48TJpjyC0BIWkFa2gem3l81cbGNKF-eYJsMxlbSu3Rgh4qWtIYnl0VaoTPqd7v6r-PfPUL31Yl3-zRfVVWgZ_Tlu4JrYMMX6983Pwj7dZj0oabTbCvOk2ES1k7IFsaiihTS-H8va39xwKADF8Slm7o6w0RNanwoY872lNfsGNCju8IFfUafdhZH8qg1RteEdI3mO4bEZxVAIjEJNW8-jEdPP11Ar2SlQ5CvNIQMGpkXe70H31jrGyOj6Ju4avVwEY9669evn3FQJStG2lJ5n71HNbs0bWIDfnnTvpSp7O9-_VXDPju1RIFGPHRaCKXGbzmcXVFN5fxVbjVnrwTG3iwnL3gvcBaokDZJsUIidXSBX045uQ0Qr1YNRYPK8ft-lYcUH6VrI8mHgRnnuD19hR31-EB3XFPtRtN5M_rsNAIKhdG0kqBkBz9u6u060pLjXtNbcAKo_vsvRMaLZqLs_Dry_-WLRH476IU6U6SeIMHQ9hPXrl3CQ4urfDUjPA24nw2zPQmG2FZjxvZ9GYdFGfvROY_88lebgwC2EHgvlTW-r6gdems7rUW71xa7CYF2b3t-_oRoQFt_PKKa3aWdlkAahL5tpdukYtMRUfWJQK11J3RC-0uhJczlkRBxDeu0021kaWovBnAExiwWZmXuhdmi7AmxOvJXkL9AFYlG-8JPsW8i5uHHm2Gnp75Rk6Sm6BygN3KwBZhwulPt6ruuNlJ-2IPhZJQyMYxueu8nZeVYrm23UzbB-6mpbykhStb8Nz6V5ZWjBWmBFWSCmZ3IMvvq4fHGW8gnfvhbi2tmRe3Y3rQWidA6EKO8uG84Chxo5jqMjuIilfgcN9fBvD6fF_v5hoQIaSW7Ybv6yuN3P-TqoGLyb6CW3kpfUf2pF70plsH_GFOQb-ChNAPnaCzOHy0gVGNDIhiywg7LajaIHvXipkb39lyQxZZlIq2_FTtSXe8UrRdRiwtR6uwj6k2n7LQu3M84pp3D2cRjtigPZJ2JyBKh2NOoBnEk7F9u99dIyusZ_5S3L6IX6vGevlDMd67Tp1lPbxEq5Xj6iOQgimDEuRzIaVV1JjGgwlgbkwQgIMTe67l-ie4Igq30Zp5n4tyiRsClxo9FEI5hFdx9GXr8Dm7nXE-ixjX_agooVGYb8bYv5HwHASDDwWG3VQZrplsjHCbbniMAHmHlOfbO6WTyjj22GMh3s3YsKy5qXYr4tGOQz0yn1iyILnFBGxym0HfhPSezZbhdc5t5VK2x2UehQKw_1sr47zC6TbrZF2v8jgRueVjm_0exBaujR-wv66sxrH7c4yePGJJSF-qO5bmBgEpVg2LAgxHQlYwhUpz14x8bp2i6GpEfVNlabMx3Izp-6Cd5OOVR1nWwVxeOICyvHfspVU8ixq7MKASn1Y70XQuj8jQHSRNF9VODyUbl-lAss43gUgyXRcAlN1PQKdOnyFBpFhZ7C5tyYBUefiXL_ye0CT9NbcodDay72ikllXfvCY_TJci7iWEGQci1crHrCvBD8Uq7BpYC1FFZt4oQDILdW55SDOY88aKP8yFLJZN5OA2PmtO10JfWnWdhCUEK-RNLUOEP0IpK1tUFvJ-AkI9L4gyeqUsR0AIGCZ-9nqTDlb4n6hAoUPJRRRg3L7JvefhVr8e2V-7UK6tVMLOcd2hp6Xod_CvGk-Gj0vvnhMd0iahFfysDaOnPpPR0Al7puu69nGwKmTysIY1y7Hf3FLs4RYUJ7c20s7fJZfhY19Lu0a_TTcRisRXD_3VRrRQ_wYbmcnsmC5Tc9qXH3yqYgDR16_MPdlN1UcOudcuAT1VUGaSTkzhZHXsk3XtuI-go1g3QlOezUP85mY76-RkJL8YzA5MYvfj6NdAfRkri5i89m_8B8us8V7RWaF_JXbdsXtpoHQxTrZHpuKs6cxWqYTFgU4-fYDX7mVtMFV25sMs95ajpexymHfnVNW6b30jy_WshEmMj5NI0r1QEOYhcNOCqZBVMMiq25zBSC6ZZlGIyct64WzAY0mP60YNUw3cLk83e4o9BPpKmdzyWYDni_9Ws8oRg5EfWIbNW2lOX27xJFvIUVGkxT3MgA9kE3lzfh0jTLQuoLBg63rRV6KGyQ66EnwLf_GULu4-yKKKobAroKTdCkoxhVIHFyeESziA6rudSLBkX5Y_lNsdl1DsPZ43e7fKhdM1REBQyx6jK4gwpRAg5IbgVzh2-pxboOugic4IDUxLCRFKPLzSoEeNtpvxuSUM_O1vl_2aepUuzUd6f7t4GqQtVth79hybHlbOiYKWFt_-YiNuGwD6k6aEq8_DbAMVOZ-xqYXAiOzBVTdS1G0Sc8Jk1BELmWm0PvtW02bsaWlyH2uGMq_kx8RLK0e9M7Dz2k0YnbriZqHyTsbAA04jQuNrEF9b6HJyEb5u_NsLMhmPM4gibQD2kMZmSy5CaAlr2W4Ruql7hffgPsnzQLHY_vXdSSroEqr8Q9E3ZRIsbd6b6T7e4sWiQltxE1_LfsZb2e8BbdKFW4L2fPFcqsy8sI3z2uQtU_urIB8AFCgkteTjbHhv6x9Z5TOMZK5emF0x665lRsZO1EdUCroFWY8l9l7MwIo1UQaCHof5vezxmVhU6QyKxv8_VA1k_YK9PFgApoRYrbE9NpMdPgBTt9CyEJl7aDrxHwaDEokWt-LF2A1kUomZpasX6oHYjywZFPSh7x9_kfTR9N9onWiQlzQRyluRaf6WxShWgCD7MNzKYuknaBnCl4OtK79-rD13sXamxGxZ5b87Xm15P2ShTasWr9JuoCGPw3MAD27ccGTCbFD0ly6BGowwwXYAOvcCBT-YBymE8Fc9bavQtO49fjXLaDWxHBlLFfuo6gBSd7dZxtYgGXFcCxfy-YCiMO41xHf_aczzMbHbap4N_eEtGDVBODebrAMpesuidBSAhJXJ4w-Z0G04Ja78yIK3tW3-E4LgDWIrpiV9QiRm3ojdKLO8HBWTjZWCca1BRDlWb84kaUrfQYeiKUsLIlMAe5tmVHETCbrhom7BAY9z8wSvZIne6VlwTJUlPUQaQAPQv91SLWjugZttdnS_gyRlgTUo&cid=CAASJORodD1RI2Rn4kQ84SxHXEGKVQg9tOd3-sikOnLS1dUJyNXBUA&rfl=2%2Chttps%253A%252F%252Fstoriesdown.com%252F%240

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99c4eb2260b6ddf7e8320c97b713cd72b8d70b16597f9cc851da322a7a6bc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35126
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame A2E2 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:26:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2E2 142 KB
44 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662981969255015"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 17:30:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/ Frame A2E2 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220908/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:28:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A2E2 0
0 63ms
23ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiK9RsQwqdyrqD8d6cMl8-Cqff4MA6KPwkNJF5Lo99sWUCuVP2hqkgJiuypSFdDIgAqWiCJrm_SWuE1-taHhcYKM4bKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2E2 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_NORsc6c0GFn2lamVRN7i_HQV8glDvfPQdS1PJxpwvoysoepNt-dDKGbz9_hcAZV0M8c_gkEj-rLg1PgUuvGs9f_YcYHCvRq9a_Gq8b3SogtT9HQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1

43 B
839 B

50ms
50ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARig5qXQATAB&v=APEucNV94mi-uq03I2XHCvDFZWcqzsqdFfmowaqHl-xT_5pOY95W0OliHEqbkzOO7rhs9dzAKk3cEQkdiTiHpU05VBMBzh3WcMnZLyQEwiWnfYE-DjpCBX4Mzf0Lxfezws_U_4ccb8Snz7elRV0g8sDXJxrt-z5xHMxAMtyAgjxQ7zqJkiny0Ss
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a29c69dd329b55-FRA
pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1dfQY2pbEoaG4zr4q%2Bsme5PbN0EhHYI19QiIJBaPjrlcFC0hHgbY2sjlFCj55Bc6gpOq9SUB3OteHeNpyZ8hC3q3CocrPOlgqQzvnGqvvWgYG%2Bfo4PamcJrPcVM11BFk10aEeA%2F8anLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8800
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyC.NMFiHsAvcKfvsNZe5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1&google_hm=2

43 B
844 B

37ms
37ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARig5qXQATAB&v=APEucNV94mi-uq03I2XHCvDFZWcqzsqdFfmowaqHl-xT_5pOY95W0OliHEqbkzOO7rhs9dzAKk3cEQkdiTiHpU05VBMBzh3WcMnZLyQEwiWnfYE-DjpCBX4Mzf0Lxfezws_U_4ccb8Snz7elRV0g8sDXJxrt-z5xHMxAMtyAgjxQ7zqJkiny0Ss
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 74a29c6a1df59b55-FRA
pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7neput8nyEqGyP8nE53mzfB%2BMv7NPTfGnCcnX7LwBMY9maAauap9k0lkzpf6xj8xVZ6PQQ2w%2FZ6iPiqlbHHfUkqYO%2FZbw3MsD5m15WbrHPdluOnJoy9eb253P%2Fcwno%2BePutZqGv5hYDfJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELSiRbfTNd9pI1_rWl1hd7w&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8800
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFNmOV9RMQQ2iVIUjPdfwI8&google_cver=1

43 B
1016 B

15ms
15ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFNmOV9RMQQ2iVIUjPdfwI8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARig5qXQATAB&v=APEucNV94mi-uq03I2XHCvDFZWcqzsqdFfmowaqHl-xT_5pOY95W0OliHEqbkzOO7rhs9dzAKk3cEQkdiTiHpU05VBMBzh3WcMnZLyQEwiWnfYE-DjpCBX4Mzf0Lxfezws_U_4ccb8Snz7elRV0g8sDXJxrt-z5xHMxAMtyAgjxQ7zqJkiny0Ss

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 17:30:28 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 02c0295e-784b-429e-aded-96b58feb96ad
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFNmOV9RMQQ2iVIUjPdfwI8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8800
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Sep 2022 17:30:28 GMT
X-Proxy-Origin: 217.64.151.29; 217.64.151.29; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9c756f84-b4da-4964-bc53-341d89652475
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI0MDI3NzMyNjUyOTE3ODczOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A2E2 170 KB
59 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/elements/html/ Frame A2E2 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaMev61KyGzaDFpqtmZC5q7OW9w-xMDoz4tbJ9UhLjikQHF7eC94L0QVZKbteT5GYqHRmagqfRc0ejrUI-meWL-VGvoHGzmXv7vt7bsZ113hGgQZw58ZZMvjOIMElIb1EjPrLlZ7DbRRBiV_25gA1FfbHKNg&dbm_d=AKAmf-CL9uvO0xrRAWaAfl8JrCmX28bzmBu9EgvcwT86yjI255ioA48TJpjyC0BIWkFa2gem3l81cbGNKF-eYJsMxlbSu3Rgh4qWtIYnl0VaoTPqd7v6r-PfPUL31Yl3-zRfVVWgZ_Tlu4JrYMMX6983Pwj7dZj0oabTbCvOk2ES1k7IFsaiihTS-H8va39xwKADF8Slm7o6w0RNanwoY872lNfsGNCju8IFfUafdhZH8qg1RteEdI3mO4bEZxVAIjEJNW8-jEdPP11Ar2SlQ5CvNIQMGpkXe70H31jrGyOj6Ju4avVwEY9669evn3FQJStG2lJ5n71HNbs0bWIDfnnTvpSp7O9-_VXDPju1RIFGPHRaCKXGbzmcXVFN5fxVbjVnrwTG3iwnL3gvcBaokDZJsUIidXSBX045uQ0Qr1YNRYPK8ft-lYcUH6VrI8mHgRnnuD19hR31-EB3XFPtRtN5M_rsNAIKhdG0kqBkBz9u6u060pLjXtNbcAKo_vsvRMaLZqLs_Dry_-WLRH476IU6U6SeIMHQ9hPXrl3CQ4urfDUjPA24nw2zPQmG2FZjxvZ9GYdFGfvROY_88lebgwC2EHgvlTW-r6gdems7rUW71xa7CYF2b3t-_oRoQFt_PKKa3aWdlkAahL5tpdukYtMRUfWJQK11J3RC-0uhJczlkRBxDeu0021kaWovBnAExiwWZmXuhdmi7AmxOvJXkL9AFYlG-8JPsW8i5uHHm2Gnp75Rk6Sm6BygN3KwBZhwulPt6ruuNlJ-2IPhZJQyMYxueu8nZeVYrm23UzbB-6mpbykhStb8Nz6V5ZWjBWmBFWSCmZ3IMvvq4fHGW8gnfvhbi2tmRe3Y3rQWidA6EKO8uG84Chxo5jqMjuIilfgcN9fBvD6fF_v5hoQIaSW7Ybv6yuN3P-TqoGLyb6CW3kpfUf2pF70plsH_GFOQb-ChNAPnaCzOHy0gVGNDIhiywg7LajaIHvXipkb39lyQxZZlIq2_FTtSXe8UrRdRiwtR6uwj6k2n7LQu3M84pp3D2cRjtigPZJ2JyBKh2NOoBnEk7F9u99dIyusZ_5S3L6IX6vGevlDMd67Tp1lPbxEq5Xj6iOQgimDEuRzIaVV1JjGgwlgbkwQgIMTe67l-ie4Igq30Zp5n4tyiRsClxo9FEI5hFdx9GXr8Dm7nXE-ixjX_agooVGYb8bYv5HwHASDDwWG3VQZrplsjHCbbniMAHmHlOfbO6WTyjj22GMh3s3YsKy5qXYr4tGOQz0yn1iyILnFBGxym0HfhPSezZbhdc5t5VK2x2UehQKw_1sr47zC6TbrZF2v8jgRueVjm_0exBaujR-wv66sxrH7c4yePGJJSF-qO5bmBgEpVg2LAgxHQlYwhUpz14x8bp2i6GpEfVNlabMx3Izp-6Cd5OOVR1nWwVxeOICyvHfspVU8ixq7MKASn1Y70XQuj8jQHSRNF9VODyUbl-lAss43gUgyXRcAlN1PQKdOnyFBpFhZ7C5tyYBUefiXL_ye0CT9NbcodDay72ikllXfvCY_TJci7iWEGQci1crHrCvBD8Uq7BpYC1FFZt4oQDILdW55SDOY88aKP8yFLJZN5OA2PmtO10JfWnWdhCUEK-RNLUOEP0IpK1tUFvJ-AkI9L4gyeqUsR0AIGCZ-9nqTDlb4n6hAoUPJRRRg3L7JvefhVr8e2V-7UK6tVMLOcd2hp6Xod_CvGk-Gj0vvnhMd0iahFfysDaOnPpPR0Al7puu69nGwKmTysIY1y7Hf3FLs4RYUJ7c20s7fJZfhY19Lu0a_TTcRisRXD_3VRrRQ_wYbmcnsmC5Tc9qXH3yqYgDR16_MPdlN1UcOudcuAT1VUGaSTkzhZHXsk3XtuI-go1g3QlOezUP85mY76-RkJL8YzA5MYvfj6NdAfRkri5i89m_8B8us8V7RWaF_JXbdsXtpoHQxTrZHpuKs6cxWqYTFgU4-fYDX7mVtMFV25sMs95ajpexymHfnVNW6b30jy_WshEmMj5NI0r1QEOYhcNOCqZBVMMiq25zBSC6ZZlGIyct64WzAY0mP60YNUw3cLk83e4o9BPpKmdzyWYDni_9Ws8oRg5EfWIbNW2lOX27xJFvIUVGkxT3MgA9kE3lzfh0jTLQuoLBg63rRV6KGyQ66EnwLf_GULu4-yKKKobAroKTdCkoxhVIHFyeESziA6rudSLBkX5Y_lNsdl1DsPZ43e7fKhdM1REBQyx6jK4gwpRAg5IbgVzh2-pxboOugic4IDUxLCRFKPLzSoEeNtpvxuSUM_O1vl_2aepUuzUd6f7t4GqQtVth79hybHlbOiYKWFt_-YiNuGwD6k6aEq8_DbAMVOZ-xqYXAiOzBVTdS1G0Sc8Jk1BELmWm0PvtW02bsaWlyH2uGMq_kx8RLK0e9M7Dz2k0YnbriZqHyTsbAA04jQuNrEF9b6HJyEb5u_NsLMhmPM4gibQD2kMZmSy5CaAlr2W4Ruql7hffgPsnzQLHY_vXdSSroEqr8Q9E3ZRIsbd6b6T7e4sWiQltxE1_LfsZb2e8BbdKFW4L2fPFcqsy8sI3z2uQtU_urIB8AFCgkteTjbHhv6x9Z5TOMZK5emF0x665lRsZO1EdUCroFWY8l9l7MwIo1UQaCHof5vezxmVhU6QyKxv8_VA1k_YK9PFgApoRYrbE9NpMdPgBTt9CyEJl7aDrxHwaDEokWt-LF2A1kUomZpasX6oHYjywZFPSh7x9_kfTR9N9onWiQlzQRyluRaf6WxShWgCD7MNzKYuknaBnCl4OtK79-rD13sXamxGxZ5b87Xm15P2ShTasWr9JuoCGPw3MAD27ccGTCbFD0ly6BGowwwXYAOvcCBT-YBymE8Fc9bavQtO49fjXLaDWxHBlLFfuo6gBSd7dZxtYgGXFcCxfy-YCiMO41xHf_aczzMbHbap4N_eEtGDVBODebrAMpesuidBSAhJXJ4w-Z0G04Ja78yIK3tW3-E4LgDWIrpiV9QiRm3ojdKLO8HBWTjZWCca1BRDlWb84kaUrfQYeiKUsLIlMAe5tmVHETCbrhom7BAY9z8wSvZIne6VlwTJUlPUQaQAPQv91SLWjugZttdnS_gyRlgTUo&cid=CAASJORodD1RI2Rn4kQ84SxHXEGKVQg9tOd3-sikOnLS1dUJyNXBUA&rfl=2%2Chttps%253A%252F%252Fstoriesdown.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:27:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/ Frame A2E2 30 KB
12 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220908/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
server: cafe
etag: 11425859616848618248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 17:24:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A2E2 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 583C 1 KB
749 B 19ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Wed, 14 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A2E2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f94b20583065e70be5e5eec8f1e5f3155c97108039cb18bec00f520278e5ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C4AD 22 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 35861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 583C 35 B
463 B 78ms
17ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBqGuR3F1BstR-qPXgiUgPM&google_cver=1&google_push=AehlK4DsRQ8WBiPhugbqktPnZDFn6kLsMbrVYKuR5zS1GDWUcW1sCjPfKSSWwt-nkzw8wfUPxjSRiwYtWasxZiXkDl-Q3DSaBDR0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 583C 0
98 B 73ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DoO20L9lbA8b7st6sz_3aVBHvK6jR4ccwXHEFwG3QKY5bpR9P6JgrfYfeqwcNxvsqUrt-ItPrwrP9lztJrHVnxs1gzuMxB&google_gid=CAESEJWcusXJz23v8dMI4UdptDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 583C 43 B
356 B 119ms
24ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHuL0GaTU-S81lLSXoFCocw&google_push=AehlK4BYFgc9jCycUuzrbp7XzUjlo6HFO8QVsHDFf0TyN46NP754oqW2yV4oQbe49R2Bw5yaZzmS7sZiF4g2_2UJjMVLzs5GmyG7&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 583C 43 B
351 B 94ms
25ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKp2rkCeibHPj1-b7NJfCp8&google_cver=1&google_push=AehlK4B1fKBW0PH1M6xz6NbW1wl4wp6hmsESztUWpEdrr7yRmFTc1oZSupoWPtuInseiREPhtRZMFqtJ9q2DK7Yt79-OjcnqbAfc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9461418923686817&output=html&h=90&adk=250841977&adf=3406953610&pi=t.aa~a.2630554867~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663090228&rafmt=1&to=qs&pwprc=6814385270&psa=0&format=1110x90&url=https%3A%2F%2Fstoriesdown.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663090228077&bpp=1&bdt=1352&idt=1&shv=r20220908&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D69ee0168bf8465b6-22ed86a91dce003e%3AT%3D1663090227%3ART%3D1663090227%3AS%3DALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A&prev_fmts=0x0%2C1094x280&nras=2&correlator=8171747347928&frm=20&pv=1&ga_vid=719241268.1663090227&ga_sid=1663090228&ga_hid=66467653&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1495&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069178&oid=2&pvsid=3903197890054829&tmod=1162381173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=viHQfiE8L7&p=https%3A//storiesdown.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: gludufkqlkt3nt2e5r5cgvpm2hitqunk

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 583C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=297Yn38DQ5Odg07i8fE1Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=297Yn38DQ5Odg07i8fE1Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4A_HQcjS-wOWvAxwGzTmZjZRzpwMLz3xuDdebEOGYp1pkJWreLxrsyDIiO9atREwaHWxO-ebMNUrsroYkMSKvtYXu0CkkCa

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=297Yn38DQ5Odg07i8fE1Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4A_HQcjS-wOWvAxwGzTmZjZRzpwMLz3xuDdebEOGYp1pkJWreLxrsyDIiO9atREwaHWxO-ebMNUrsroYkMSKvtYXu0CkkCa
date: Tue, 13 Sep 2022 17:30:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 583C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM5VYC-8rpAl7I-hKC_bf6g&google_cver=1&google_push=AehlK4DpQGlwm4kaS9D5DY9LSjms01OH_mcX0i1AyIoS0_um5cW4zwE_NC1N9uKewNigU7q2mOs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgwR1pERVAtMVYtUVJC&google_push=AehlK4DpQGlwm4kaS9D5DY9LSjms01OH_mcX0i1AyIoS0_um5cW4zwE_NC1N9uKewNigU7q2mOshXHNvfnT6r2khZWx6CoQMKfu7

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgwR1pERVAtMVYtUVJC&google_push=AehlK4DpQGlwm4kaS9D5DY9LSjms01OH_mcX0i1AyIoS0_um5cW4zwE_NC1N9uKewNigU7q2mOshXHNvfnT6r2khZWx6CoQMKfu7

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDgwR1pERVAtMVYtUVJC&google_push=AehlK4DpQGlwm4kaS9D5DY9LSjms01OH_mcX0i1AyIoS0_um5cW4zwE_NC1N9uKewNigU7q2mOshXHNvfnT6r2khZWx6CoQMKfu7
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 583C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK_PKXb90laM_1aI8n1fMXg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_PKXb90laM_1aI8n1fMXg&google_hm=YyC-NMFiHsAvcKfvsNZe5AAAFDcAAAIB&google_nid=index&google_push=AehlK4D94vr5wNFr5WaTc7e-oEvK_go8PDK4T...

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_PKXb90laM_1aI8n1fMXg&google_hm=YyC-NMFiHsAvcKfvsNZe5AAAFDcAAAIB&google_nid=index&google_push=AehlK4D94vr5wNFr5WaTc7e-oEvK_go8PDK4ThVrxcUBadp85abfiQJRW_SXjvx9h50rE2cbnPVWlXsG602sp509pykMbPHwfRMr

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Rd04qiG6Qu2I5raWnywXnQ8pUCoMmHzFIg%2B6BV%2F%2Fh6FwkfLNSD2ItTcjosLCABj9M%2Bb2vUy2ba9b8jO%2F1e1Ny9XqOir31d02Cza2PAOOZAJ%2FG9OjYVDr81Vf5xpXt6kxNJzfxWGwMIHcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK_PKXb90laM_1aI8n1fMXg&google_hm=YyC-NMFiHsAvcKfvsNZe5AAAFDcAAAIB&google_nid=index&google_push=AehlK4D94vr5wNFr5WaTc7e-oEvK_go8PDK4ThVrxcUBadp85abfiQJRW_SXjvx9h50rE2cbnPVWlXsG602sp509pykMbPHwfRMr
cache-control: no-cache
cf-ray: 74a29c6a9d0c9273-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 583C 0
12 B 26ms
25ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1nqbuGrjQpkRfvDEXwJR10rGtViB0oCvtE_FqXSLJxcAcpV9VZhTkQ9JVLu4KTrNJCTnK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/1263487268815896576/ Frame 69B3 44 KB
10 KB 56ms
24ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4351a82e34ba7ad1e6ac887e293cdc37fd3a0bc9b1782a0f57be05518b677a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:28 GMT
expires: Wed, 13 Sep 2023 17:30:28 GMT
last-modified: Mon, 07 Feb 2022 09:04:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A2E2 0
27 B 64ms
64ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB_VkPs1WRtaFSk4MA8j4tKEiaH8Fx5B1mDv1Qrbf5gE68LJfgcO5u4XnzEiNPAeMl7t8UPkIob-0lASH91dneU-NBZHoJfni5zU2JZ3ad1LCr_DSDVzUbTTxeOrdYvfk_5K8nfmvfh0c8uOXDgs1NEldomFrC9s5hD3S2WqMXvRKGRwR-lrlKMa3Fan_tLzocjNKsecOJQ0TYL9gVg6AprUS4xB4dt3KdT5E6icZcrUdw992-WyXjKhXUATZYs-UJF2wZBPupRZLA7_19hmHjjMAAcUt9NfJctr7ag5cTEJgW1BT2odspbrTpPS5qgTaAzXB2fQv7GjWf1ZQuRvUvdXktgX1pdEerRlpgjZriFeMtC54MLUWLJbUct9BAWnpYaAwfEQQs3Hbx8zbvOTW0fN-xgiO9pP5F5ueylbp_DXZbrnBOeoGGy0-v4RdCPUAVj68XMT8Hc-QzLH7HHg_maopuim0hTydeK60iSvuqsAALsNKBbPErtCBc1nxY4R7DDQcqv4PNkDcB2RZrOS20fZcjzOELLpi4mg66s8AOUiVxJkOgWY2FFsWBXlLW9eoFPNZosjWByr0wTxWPBQALmFjMhHHEqFp33GJE0eLkjEGxA_Mm7N9d7qLleGVaHTbXRMGA0wXy2-hWAk7XW3H1PMFoO0s60M6kKz4-UiPhkGs9_yxVNAFxTW0-qYYZxYW36lLGAuGXL6m3PnCNyUC2AUF5nWgHunXESL7U-ndbiBXC8IVypGQZ2zFpy-0rWGgXTxfRctXUZpIUNWrDWDrQFL-851FiSndZvLcGtnYhGYH2IpnOl4PGLsHtuggj18Fv9IvuaPN1VZJid1Gwm6nGO79p8pqKsTlzrwmMnjK59ZosVby5sVp6hmwecK455u1gNfbZV-Tf5_XHj4vdAzfUEBv18XP7SYs-QepBtsDiizi1b77UXwb16tTstWx8KKHpluGGfbxXWzpjoB_VD2sQCHpFuFnFkwmtdkPUZTimQccEphQUubmuyTllAfaWFAMC8ngqzMRA2iUBN-KTd_Fz5uTQxo8rEIwO0Uop6H8Y2SZCAafy4rrmWMbxI-19_MZLpl1aYpCkC78CiqFuxdeFIazB8Y0VEgiLeiRuxaIvGvLK2ubG6uJjcjk0pR7KYcKfl1E0miUujF9X611ITmmnidCMdDhugTJuZCfikTh5IXXXuh8_t4voDjA-CNBIIUNP9DJ9gbLWS_PnNnpdILRDk3Wnsos4Fh_jAw&sai=AMfl-YRWqrSkuXr3teVL2bIMrFFIQV8KCoL-eFZ5LonuKksrWZSXO704zpFBqnCtbYWAqS4NICjpqY2TKdppyaFQh1upwgHDOxt6jTgesgINo-Vc7nvBvq20m4zsHrpKrEbT53nfjgqRRQ8e6Dm74sGpYlDGgjPncR61U5XC06dn5Kw-GSWTcqDOkJ2eDu-kae5wKxfXNrbOeNs8Nj6TBUHySFCs&sig=Cg0ArKJSzI5BuIozYXCgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&cbvp=1&cstd=83&cisv=r20220908.39055&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 13 Sep 2022 17:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame C4AD 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 69B3 118 KB
40 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 07:51:00 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 69B3 60 KB
24 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 17:30:28 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A2E2 0
26 B 59ms
59ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB_VkPs1WRtaFSk4MA8j4tKEiaH8Fx5B1mDv1Qrbf5gE68LJfgcO5u4XnzEiNPAeMl7t8UPkIob-0lASH91dneU-NBZHoJfni5zU2JZ3ad1LCr_DSDVzUbTTxeOrdYvfk_5K8nfmvfh0c8uOXDgs1NEldomFrC9s5hD3S2WqMXvRKGRwR-lrlKMa3Fan_tLzocjNKsecOJQ0TYL9gVg6AprUS4xB4dt3KdT5E6icZcrUdw992-WyXjKhXUATZYs-UJF2wZBPupRZLA7_19hmHjjMAAcUt9NfJctr7ag5cTEJgW1BT2odspbrTpPS5qgTaAzXB2fQv7GjWf1ZQuRvUvdXktgX1pdEerRlpgjZriFeMtC54MLUWLJbUct9BAWnpYaAwfEQQs3Hbx8zbvOTW0fN-xgiO9pP5F5ueylbp_DXZbrnBOeoGGy0-v4RdCPUAVj68XMT8Hc-QzLH7HHg_maopuim0hTydeK60iSvuqsAALsNKBbPErtCBc1nxY4R7DDQcqv4PNkDcB2RZrOS20fZcjzOELLpi4mg66s8AOUiVxJkOgWY2FFsWBXlLW9eoFPNZosjWByr0wTxWPBQALmFjMhHHEqFp33GJE0eLkjEGxA_Mm7N9d7qLleGVaHTbXRMGA0wXy2-hWAk7XW3H1PMFoO0s60M6kKz4-UiPhkGs9_yxVNAFxTW0-qYYZxYW36lLGAuGXL6m3PnCNyUC2AUF5nWgHunXESL7U-ndbiBXC8IVypGQZ2zFpy-0rWGgXTxfRctXUZpIUNWrDWDrQFL-851FiSndZvLcGtnYhGYH2IpnOl4PGLsHtuggj18Fv9IvuaPN1VZJid1Gwm6nGO79p8pqKsTlzrwmMnjK59ZosVby5sVp6hmwecK455u1gNfbZV-Tf5_XHj4vdAzfUEBv18XP7SYs-QepBtsDiizi1b77UXwb16tTstWx8KKHpluGGfbxXWzpjoB_VD2sQCHpFuFnFkwmtdkPUZTimQccEphQUubmuyTllAfaWFAMC8ngqzMRA2iUBN-KTd_Fz5uTQxo8rEIwO0Uop6H8Y2SZCAafy4rrmWMbxI-19_MZLpl1aYpCkC78CiqFuxdeFIazB8Y0VEgiLeiRuxaIvGvLK2ubG6uJjcjk0pR7KYcKfl1E0miUujF9X611ITmmnidCMdDhugTJuZCfikTh5IXXXuh8_t4voDjA-CNBIIUNP9DJ9gbLWS_PnNnpdILRDk3Wnsos4Fh_jAw&sai=AMfl-YRWqrSkuXr3teVL2bIMrFFIQV8KCoL-eFZ5LonuKksrWZSXO704zpFBqnCtbYWAqS4NICjpqY2TKdppyaFQh1upwgHDOxt6jTgesgINo-Vc7nvBvq20m4zsHrpKrEbT53nfjgqRRQ8e6Dm74sGpYlDGgjPncR61U5XC06dn5Kw-GSWTcqDOkJ2eDu-kae5wKxfXNrbOeNs8Nj6TBUHySFCs&sig=Cg0ArKJSzI5BuIozYXCgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&vt=11&dtpt=126&dett=3&cstd=83&cisv=r20220908.39055&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: storiesdown.com
URL: https://storiesdown.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 97ms
64ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220908&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8733ecbe67e880aa21e9362a48a94fa1a71837e92145e334c0fb45939983dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11023
x-xss-protection: 0

GET
H3 200 CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 69B3 52 KB
52 KB 17ms
17ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:23:48 GMT
x-content-type-options: nosniff
age: 401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52901
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:12:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 17:38:48 GMT

GET
H3 200 CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 69B3 48 KB
48 KB 21ms
21ms Font
font/woff 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:22:05 GMT
x-content-type-options: nosniff
age: 504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:11:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Sep 2022 17:37:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 69B3 7 KB
6 KB 58ms
57ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c7329f7454b60f4048a637606822f12aab0d3007aae586b8acc62fbb548dff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Sep 2022 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5742
x-xss-protection: 0

GET
H3 200 60005582_20220906232236078_Intro_728x090.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 69B3 4 KB
4 KB 18ms
17ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220906232236078_Intro_728x090.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b6067cb5bead9eac04e46963ac1e1afb8d1b49aaccecf9b5b1d9012ffc606d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 12:02:35 GMT
x-content-type-options: nosniff
age: 19674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4348
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:22:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 12:02:35 GMT

GET
H3 200 60005582_20220906232450115_Stoerer.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 69B3 2 KB
3 KB 17ms
15ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220906232450115_Stoerer.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

382cc1cdb8a210a039dc3b0e96f706c248c6869e5f65769ba29a9a6fbfcb9797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 12:02:47 GMT
x-content-type-options: nosniff
age: 19662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2536
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:24:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 12:02:47 GMT

GET
H3 200 60005582_20220906232301157_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 69B3 4 KB
4 KB 18ms
17ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220906232301157_ASSET.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddda2f6d5992550ab57a42b98c86ef88d77169bd0dfdf730c3974fdd87b56e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1263487268815896576/728x090.html?e=69&leftOffset=0&topOffset=0&c=F6UP6p20e2&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:58:35 GMT
x-content-type-options: nosniff
age: 1914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4253
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:23:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Sep 2022 16:58:35 GMT

GET
H/1.1 200
OK postview.gif
portal.blau.de/nws/img/ Frame 69B3 43 B
634 B 85ms
20ms Image
image/gif 82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=28280063_4307561_342407988_154735167_DIV0403A20220907&ref=28280063_4307561_342407988_154735167_DIV0403A20220907
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 13 Sep 2022 17:30:29 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4AD 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwM9SNL4gY7-ZKqzBx_APr6-ImA8AAAAAOAHgBAI&bg=!T0ylTAjNAAZTikH4c4o7ACkAdvg8Wg4cqLXIG26RBtAqKSeOt1aQDCxxRO3Ng1cDd_uwYDTvQ2QR1AIAAACsUgAAAAJoAQeZAxHc8L2TIu4wO4Gd8TMEVl9EZjCnG7Uq-DMgGIblqKBHTjb9VWClud70wBwJwHlsxISMJZiswgq8lrAwYchAS_b2G-9fzXy4UWXg-lva3tahuoNiNVgDLeF1tR1k3C1-AIqKoDWM-H5-nlljKuyaf9msZw0FEXSJ0Wmx_NJFZDGuh7ueAp2ohXetUAlFuxZNoJJ9hQE-hnqMDrTpsB1CZ2u9wZs1jS6P-SyYekoGzdRaWsgVohL7n50tHL7aVoFCig7LWBbN7V1fiZeZVBdvqvZDzFC7U-LbHZHJ83ctPxzoVhWsxlztZdTMfhcMOZveOpFBk3Nq7tGhReGaLrjuXFZ77WfB89rYGJtfm_fVhm_1tkokd1gCnz6ML7NOdr0azVxnjSZ_5cpwB70yp_aX29hHHITaVf4zPR_pt1uPol2wICxRZ0_P9jfkhOA9wF1axkBJHzcB0XhjT1mS59yE4bxiXL-NLoMBWaYxUudW9Io5D5qEitznR7ZVvWebxIQhE72TTYbnegs7Zg65apJJ3lUqGlwvt7EOOGzFEc1uVnNXL1eefJTXNOHqz9FPLFkYIcDZcAqCnKa8kCh0zgkQkJPZPmJAKN4tQFKDTJn8JvzRN2k4i1DLt2NWvWtKbw_5oCeF591jkHPw2hR-gQYH7x0p50T1WReDXPchMcVJFP34yXJQEbP1_GAy5rRp1ZFPl-Q8qErN3Svv5oHb6mpfuf3fj_e1sHy8AIoOwu6BnCnXmOkss4EJSe90jwcL-0Q5aI9mOZ4pvTpoK-0Khhdkfs-lyz4SNS5phty8b0PL7TU8pxya-Gb3DweLj4wxpMlpo7EkU4pzWkjiDuP-qYYqK4ZLG6RtKpQ-iLi_hCab_O4yM-wlaQarNEs9MpvqBjikrctNEMXajkUjVEHPr7U6P8eOBMxR60NXqMgikxOY9yoFYZjAVfXwHQjEbbYXQBW2OQH91HXidTJAkMje5accFkx51sWX8QFqFFYFIQ6zR4lCpdZJOzk8uC1ZwDFCF-2AyP7uYcOJNeHH6tJNeMddEQJXPQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 69B3 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 17:30:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 17:30:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 334E 13 KB
5 KB 18ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 15:13:53 GMT
expires: Wed, 13 Sep 2023 15:13:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24C0 783 B
536 B 63ms
26ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b2aabb5aae58876f8a9a16253652527e27c0c7b44454eafac093636ba230f80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0yP2tOyCn9PS3Z7OKFkG2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storiesdown.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-0yP2tOyCn9PS3Z7OKFkG2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 17:30:29 GMT
expires: Tue, 13 Sep 2022 17:30:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8356 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 334E 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 21:29:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Sep 2023 21:29:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24C0 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220908&jk=3903197890054829&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 334E 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t8RiuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:30:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0DBB 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCSKHK7GlhEPqaJyUyq3yDJpgzJ6kV1Qb-3deSY-dwN3cv53CYMFnrDYTNUh-LqW04slqrNp3mSFWBHpRCSEeDya4Uf_fazQ9Vym4Wd8RTM5PZ2ZB8zqF_wgcMiys69epdYIGrt_NZtDpHGJJoD7dGcPVpO6r86waQGXHrdEV1CZrAec3W43mJBSMI20hztpi3CCsO4WrN3AncJqDZ1MaUnt5V2jaK3DaO6cYoX--FkOp1gtSipIOkjBGqwf-h6vSTmC4S8wAEHQ5SQXywswvUc5XnYKROwB9wsjloE9Ef-EOemY-kcgSMWv6_piuqufq2LCcpogviaCjtB0ffgYguW7boal8rOHwZsczRQsnZzwzyKvQlntN5WSDDx1JPIBlg-b37gKG7Fd8OZXL5Ct584lzvONJ8IDj9b8SpSatFKhWiY4I7FAkc3TBzWFZS0Hhqh7Cwid4dBuWm8rm9P7IC-mdn81RfCyPrfGLKXHMFv0p-06Qvprw2_Ol_Yf-fnsz_PKQTq2cevVxYnHQBWL5llEOI2wlF2GvrV-q0NWx_RErYsezjMCwibqeZkSJ2xDXtCUe8zVDRkr1ed59IAmf1ee4H7FOFvNI1iYYyU4NG1lw2eIC3XOTg2hbE3hSf8DHuNztP2Fh9d-10UwRsAwvcfIEHLOspa_pXrN0f6VXaE8CVdmJuEjbtP5_ilP5etMs-CYjoyurM7dF0ofVP7hnFibjyT0LEmFKHOlEPitSZe-9P1B7KZu-YRbEheNxTWBUWUDhn9Mdrwna0cIC9YOXbBHGBYzUcEmMgoL2lQmvj68Xkb-8vGyNJtENx-eJPrrVuMPxJQ330Zd7hWIMYCJzhJAKi1OfU5rLk2qsJjv3PF3boteU5YUTMwgyQQVIboqk7701fQ5aiweTPp4jo0liWvByb3U-qDTyTgwk8ZPxvvO8YLQRtpFopEeyrhw&sai=AMfl-YS3_mvq178OFW8KX8zIxQjywy5hEKpIvADsVNqIh7IRJIhkjdPwedkJnXcIrdt24xV5KuFRD4GWbC0yz-KpUYlcJW5JUKOCcQ&sig=Cg0ArKJSzJe29iIDcP1mEAE&id=lidar2&mcvt=1000&p=0,0,280,1094&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1861670446&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663090227727&rpt=791&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81A5 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCSxvYv0pAR0V440sZQX6Xjs1Lgeb4CZsTdibYkivyZtUGGAChHDp2-mWcbwwGuGGpS4BdvvvrscKj4lBhLz0RNc2ffUZDP7pIzinnJjuDtdY8SINRWLCFnLEp&sai=AMfl-YQtbCs9a3N7SNCLGsvaGRrMGzW0d75q4Pr6_AvKccQoy3ekp_zCi0_yhZgEhm5rxS-tp48A39qaYiuc&sig=Cg0ArKJSzOIxdtgPM-13EAE&cid=CAQSGwCsnQUxjZ6OKfPThD129oN-gCAoVb1Qrb5wkBgBIA4&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=426,926,1000,1000,1000&tos=426,500,74,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663090228207&rpt=337&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Sep 2022 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220908&jk=3903197890054829&bg=!t7SltPDNAAZTikH4c4o7ACkAdvg8WrG2gkjw9_C-Yyoz3pQEbXLBqAZaURRURSHV0sY_7LbeurYpnwIAAABUUgAAAANoAQeZAuYX2TX1SSvm4WKn6xEDla9fYW90-Nsq_8zo9ALYIK37uUkHTOl8r61QbsNkedIWUPkOeAphB97p2-QQ5l9kQELJh4nhlZ7DqtwvRPkHTBAEtU1nFgwO7tMYP5d3Tuoncnx6z0txCRXn-RWrQDtwCKdUy46BLz1kioLEjtGhJugys4gcUeyhMR6V0zx4nfNdZ0HtiheTAisOXDxhS07RJuUMlPY0_A5S1d6hwCc89S5nq2UKMPoWdw0h-rJ2sAEVezGX6Q2kSYl8fxV4Y9_i_FXlZOTcfIP74xZkBkChPHaZSfDPmYxttIjjdQaufo4fWxiPvfHlH0P1Vnv0E5bZm5DjKQUy7-jx_yL7prgDeW30ZE2Lyr3Jr20jdfkZKe-hMkIerxXHMoVqQp3WlMLYWxhankTXO2e2g3iqmuHXxUZ9xkolN-4TjZUFcNdIg4ufPWYSLPnLcgPR1lZXgjfKNyfjHvLAS6uwMLe1VwDMKxE_k3Y15r5W5U-jmqpXGj0UjNUZ_Yv_4MtqpnwBs48nCrtbGVeYcy6NUrz7kNukNz3f800wBb1wEYElHe_LCO0JZPmAFLgDBQv0llDETZi_U-7zfQn3nSZrDVH0ZKZH4aq5aj8jt9pc34EaBOfvVzX3TTd3zBpwWRazqhEtk1QdWYQNC91XBv-ZPHLRPJCY_SgEjrf_hVbt-ZT-PEOjm4PzzaVcKn6Pe8aeVnLotKsr8qv1o-YNKtrJzhsGabQOI_0vpHYPk8r-KoKNaAcVk_wPtm6dMSWNA3-OBCaTH-ScAzhIulhG040ZVx2WoJrpzSrbaXFPtTXGt4ChfHHvaDptb__bIKPLQ59dZJ00hA6Re_LQ5ur3gDwoNUpYNRlZm13nDSEuxpqYyXLw-qES6R70x9ResvEmujaZpgEYim0s79BvF09XGCX2CFbu9uTigy4DkFXV98YkRzshDGZig1wYd5ZB5Yh97QG_EyLbII8q73WqZuJ0GrqC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storiesdown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.storiesdown.com/	1970-01-20 15:34:10	Name: _ga Value: GA1.2.719241268.1663090227
.storiesdown.com/	1970-01-20 05:59:36	Name: _gid Value: GA1.2.193684922.1663090227
.storiesdown.com/	1970-01-20 05:58:10	Name: _gat Value: 1
.storiesdown.com/	1970-01-20 05:58:12	Name: __cf_bm Value: AdVwFRottDntqSe4x3epB_4MQ7Sf5leT7a2NSnIWHXg-1663090227-0-AdYUBF7/+CGxWFBzucUItJ8kjaHdQgNhU+oeWcd65USFQbLXlG0RmhmZUuoXVgdyfGoiAmrsmD5SuzHWcnU/fRhmW5oFzXA66cV+0kG4DdvGTk8rknr6qjn95Qdrys9Uxg==
.storiesdown.com/	1970-01-20 15:19:46	Name: __gads Value: ID=69ee0168bf8465b6-22ed86a91dce003e:T=1663090227:RT=1663090227:S=ALNI_MaC_tpmvi93ecZdXUkuXHU8eEZR_A
.adnxs.com/	1970-01-20 08:07:46	Name: uuid2 Value: 3240277326529178739
.casalemedia.com/	1970-01-20 14:43:46	Name: CMID Value: YyC.NMFiHsAvcKfvsNZe5AAA
.casalemedia.com/	1970-01-20 08:07:46	Name: CMPS Value: 5175
.casalemedia.com/	1970-01-20 08:07:46	Name: CMPRO Value: 5175
.doubleclick.net/	1970-01-20 15:19:46	Name: IDE Value: AHWqTUlXUe8swTDKtGh5g_pk812xHRhCbGSZ1LXygj4VyXzjXZ2Dhqjd84doR6QlBpI
.adnxs.com/	1970-01-20 08:07:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In3<-dOG!@wnfH8K6pQK`!5=E<L5?%M3DwK74@?G1hrYbt4KlY+0-ByS9AE!2ZS?98%nugO%v4VB%nnr_*1(!%
.pubmatic.com/	1970-01-20 05:59:36	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 08:07:46	Name: d Value: EDQBCQGLJ4EA
.quantserve.com/	1970-01-20 15:28:24	Name: mc Value: 6320be34-d9b75-26eec-b7377
.pubmatic.com/	1970-01-20 08:07:46	Name: KADUSERCOOKIE Value: DBDED89F-7F03-4393-9D83-4EE2F1F13506
.casalemedia.com/	1970-01-20 08:07:46	Name: CMTS Value: 5148
.blau.de/	1970-01-20 06:08:15	Name: webShopPV Value: ?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=28280063_4307561_342407988_154735167_DIV0403A20220907&ref=28280063_4307561_342407988_154735167_DIV0403A20220907

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DoO20L9lbA8b7st6sz_3aVBHvK6jR4ccwXHEFwG3QKY5bpR9P6JgrfYfeqwcNxvsqUrt-ItPrwrP9lztJrHVnxs1gzuMxB&google_gid=CAESEJWcusXJz23v8dMI4UdptDg&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.imgur.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
portal.blau.de
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
storiesdown.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
104.18.19.126
142.250.184.226
142.250.186.130
142.250.74.194
151.101.12.193
198.47.127.19
2606:4700:20::681a:90e
2606:4700::6811:190e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9b
34.98.67.61
35.227.252.103
35.244.174.68
37.252.173.22
69.173.144.165
82.113.101.236
0464850d61992280189e3aec50a21e8a186fa2561da4b6b452bfe0d29371d0a2
092ef5f663f7a25de5ec7c9d1a20ffee211e57af768f91f724df416d27ab6381
0b2aabb5aae58876f8a9a16253652527e27c0c7b44454eafac093636ba230f80
0b7a4973a5ef762858ec7bb858225e608aa0b17794249b982c07faebfaaa74e0
0b82ab5fdba8e0147e38e89237ea4a430f0d7017c313d9b8e56a309acde756c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7329f7454b60f4048a637606822f12aab0d3007aae586b8acc62fbb548dff7
0e33dd63c6aa372e6eaaf540e31a58016b1c21470ecc7f39916306c49f3eeb10
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1f8d48ebafc9af4fbbeb3ca26e4528e96c7b909d1bc10483fc9b926900586ad0
20e9484aa98773396db2247992566783c0fefc024534751c70bee4572e992fa9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
2716e4cfbd7684b8ff6bc346578233356fad30563c76a86997ed614f7023982a
2e65be57ba022d1f05cec2f93cb6642d111c1105882dd7a04d4f649801c7d420
32fbfd378627b6e06bb3a55e4cd60c37376a6585b2eb5ca0ab7a5629195a59ec
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
382cc1cdb8a210a039dc3b0e96f706c248c6869e5f65769ba29a9a6fbfcb9797
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
4351a82e34ba7ad1e6ac887e293cdc37fd3a0bc9b1782a0f57be05518b677a4c
45b6067cb5bead9eac04e46963ac1e1afb8d1b49aaccecf9b5b1d9012ffc606d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcddb7b2d3bc90e34cc5230200b034212bf742014003f8aac4380bf7ef241ad
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513bf34604e9e7860aef61a613f9b2bfd91c8893594caa25f75feef7edf34b8a
51b47d2deee49fcf6b0250bab75d46664b42ead56ecf2510ee17d5301ee33b66
55087c655b92aab9eff860d5bf3e0c766ad4f02108ba4ddcfd2df0dea59dcc5e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b4bfbd058abc2d8404253ef5a0de3264b8b1e60d00f782567915be86813538
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5aa827c699085f8b07ac0c24f3c001925e6cebd2fc1e4551e0dc91679294bdcc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f44e37ff610820517d77683ad15373fcc854c3f71e39283d1b5d83a0ae668c3
6f94b20583065e70be5e5eec8f1e5f3155c97108039cb18bec00f520278e5ab1
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79840e3941298bc0e758ddbf2c931e8c24ebd61fd459d25579b8bbd345a67cc3
7aeecaf4c799f24f22e871a6f546ca89116cf11288c7a8ff42f11401dd5445c6
7c3d1b38f425b27b78fa85b6856644ff546261400ee3a2835c9925ffcada6471
870bcab4e803ebc9e15f6ecd726c2b553dfe9f986844240ac9e20e7cd4622244
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
88339ceb8845c5c33c3723412c79d369336b75da11ca03320bbd7493b02bdd86
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b4c77a5be1b8dc9ba4d89d73665264bb0b737cc1d423b11c376b02099219a56
8bdd5a651bcebd9e1ecd443172bd4c983d64765f04c28e1b55a0a63467e4d035
916f8b37b985e5dc263066132fbe2fc4f86b8b45efbdc60495d645c08892f805
92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6
947796d8a17c209cc5d1373fa2c987f61a4249c4adea903fe5ca4d7307985926
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c4eb2260b6ddf7e8320c97b713cd72b8d70b16597f9cc851da322a7a6bc7c2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a86173621bce571931e2e8236b96e9f1e8c15f5582742fc1bed2991b65e59316
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b71e88c89227ae328408fe8d5d237823c86e52231da8c83ca7df93d47bf67a6f
b85e8880c48d4cc0d5e50199e6ab895f2cd8173472386049d1a325fc070139cd
b9de4546179c4cff17c0365d7b1f19d7a42610e023d0c38540238dd395cb4f9c
bddda2f6d5992550ab57a42b98c86ef88d77169bd0dfdf730c3974fdd87b56e1
bfdbf4a417af7db9e516fde6702fae84a12dbbfbdb33a6530a79209b619914f3
c3a343cc32a10ea5f90f1f32a28fe81304c76107473273e0e7de846bff3e8376
c78d253689d8e95b40ed028fcb10a935e941fc366671c06471f83c6833c66234
ce326c98101b1361692792459fe021070cf63ec7bc4b5dad746ab8d23ea3edba
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
cfdc899acbfcc65a0a9a522cfc0ef7eabe9be878d4981c59b6c36065d1b9509f
d48e1cbdaaa1cb95b685744d06b6f190cdc12ef36d27e386e947dcb092601e59
d5d826ef687e1643fedfdf28a12730e6c8bf3c468838c219275a317ebe64f3c4
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8733ecbe67e880aa21e9362a48a94fa1a71837e92145e334c0fb45939983dd9
f9a273b0b59f302a5a6c290a6c7876ba6121c9ffc7863d8bb1e82070f01cfd16

storiesdown.com Open in urlscan Pro 2606:4700:20::681a:90e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

92 %HTTPS

57 %IPv6

23 Domains

30 Subdomains

28 IPs

4 Countries

1608 kBTransfer

3825 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

storiesdown.com Open in urlscan Pro
2606:4700:20::681a:90e Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

92 %
HTTPS

57 %
IPv6

23
Domains

30
Subdomains

28
IPs

4
Countries

1608 kB
Transfer

3825 kB
Size

17
Cookies

135 HTTP transactions
3 data transactions