www.coindesk.com Open in urlscan Pro
2a02:26f0:6c00::210:ba10  Public Scan

64 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

• https://unpkg.com/three HTTP 302
• https://unpkg.com/three@0.134.0 HTTP 302
• https://unpkg.com/three@0.134.0/build/three.js

Request Chain 13

• https://unpkg.com/three/examples/js/controls/TrackballControls.js HTTP 302
• https://unpkg.com/three@0.134.0/examples/js/controls/TrackballControls.js

Request Chain 14

• https://unpkg.com/three-globe HTTP 302
• https://unpkg.com/three-globe@2.21.3 HTTP 302
• https://unpkg.com/three-globe@2.21.3/dist/three-globe.min.js

Request Chain 25

• https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=1530932766.1637594363&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&gtm=2wgba1W9J8GSW&auid=2101295102.1637594363 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1530932766.1637594363&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&gtm=2wgba1W9J8GSW&auid=2101295102.1637594363

Request Chain 76

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&C=1

Request Chain 77

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZu0-W.eWNCBYH22NXN0FQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&google_hm=2

Request Chain 78

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESED2_o2OrNtEBEYYhLR09ufo&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2_o2OrNtEBEYYhLR09ufo%26google_cver%3D1

Request Chain 79

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczODU0Mjc0OTU0NDQyNzg3NQ%3D%3D

Request Chain 89

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDEH8ej3PFt29j93pOenCC4&google_cver=1&google_push=AYg5qPItIS_zrcXy6pBNXmz5NzFv0wv0k366JlwGx6tfo8IX1rcxywzlMrUB1o1aEyv8l8wnXtKpdeYsSI6Kz5ZjhtQRoq_eOzlb HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MTExNTAyNzAwNTc2OTc2Mg==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEH8ej3PFt29j93pOenCC4&google_cver=1

Request Chain 90

• https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMfC2afkoTfXJHKWf-av7z8&google_cver=1&google_push=AYg5qPJRFN76hL7b5160oUNyxlek8VuGcCWSbO1GMwVZz8eX72QXBlT35yOOxATIcmxCZXBos9K12UDaWPJPd-pvWjAtwG_XcXs HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRFN76hL7b5160oUNyxlek8VuGcCWSbO1GMwVZz8eX72QXBlT35yOOxATIcmxCZXBos9K12UDaWPJPd-pvWjAtwG_XcXs

Request Chain 91

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMwYcy3cbwN0fTT1ncRpYSI&google_cver=1&google_push=AYg5qPIz_quUqL6UVOesAAryL8uBUNtGCElkQroxQaXGglH9Auz4BNRdwjNxjHnq8C_czAC9wDdCDOrx4lNWjQLlDypVhuDA4awC HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-60b71a13-0196-4fe7-b4d4-9189f0894612-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIz_quUqL6UVOesAAryL8uBUNtGCElkQroxQaXGglH9Auz4BNRdwjNxjHnq8C_czAC9wDdCDOrx4lNWjQLlDypVhuDA4awC%26google_hm%3DA2C3GhMBlk_ntNSRifCJRhI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIz_quUqL6UVOesAAryL8uBUNtGCElkQroxQaXGglH9Auz4BNRdwjNxjHnq8C_czAC9wDdCDOrx4lNWjQLlDypVhuDA4awC&google_hm=A2C3GhMBlk_ntNSRifCJRhI

Request Chain 92

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH3IgahPNmTu1UoCXM-src8&google_cver=1&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF&google_gid=CAESEH3IgahPNmTu1UoCXM-src8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ5NTI4MDY0NTg2MDQxNTA5OA%3D%3D&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF

Request Chain 94

• https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEATD7iCJK2cYA37Euhjp7pY&google_cver=1&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHftUZKa3NG63gXG6vcR9UbRuT4MeOqSE_470-8A HTTP 302
• https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEATD7iCJK2cYA37Euhjp7pY&google_cver=1&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHftUZKa3NG63gXG6vcR9UbRuT4MeOqSE_470-8A&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEATD7iCJK2cYA37Euhjp7pY&google_cver=1&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHftUZKa3NG63gXG6vcR9UbRuT4MeOqSE_470-8A&apid=UP9404b206-4ba7-11ec-9a64-06ff4103d6f8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDA0YjIwNi00YmE3LTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHftUZKa3NG63gXG6vcR9UbRuT4MeOqSE_470-8A

Request Chain 95

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ0r9GdILpfv-uPhg_9fwA&google_cver=1&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXfEtR0-esUD2ZVS0AheaAUKpm6LE7w HTTP 302
• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ0r9GdILpfv-uPhg_9fwA&google_cver=1&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXfEtR0-esUD2ZVS0AheaAUKpm6LE7w&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wZXVPVXRaRTJ1Rms1Z0Zja3N3cTRPU1Rib1Y4d21CbX5B&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXfEtR0-esUD2ZVS0AheaAUKpm6LE7w

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/	351 KB 88 KB	4344ms 4249ms	Document text/html	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash c922695c6acb01686897906a66b4091f46674ab5ee4c502a60e85e510c63b000 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=utf-8 content-length 89510 server openresty content-encoding gzip etag W/"57a84-N+kjCI4wSZdecJoLYzUcjnnKh/Q" last-modified Mon, 22 Nov 2021 15:19:22 GMT vary Accept-Encoding cache-control private, max-age=60 expires Mon, 22 Nov 2021 15:20:22 GMT date Mon, 22 Nov 2021 15:19:22 GMT content-security-policy upgrade-insecure-requests
GET H2	200	react.js Show response www.coindesk.com/pf/dist/engine/	267 KB 85 KB	22ms 18ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/dist/engine/react.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash 2c20a214072444fff990f511c11ef179971bc3357e666b2240b1cd4ca06da2fe Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:11 GMT server openresty x-amz-request-id E6AWPN10029GE5RX etag W/"f434b0387178d12207aa7ef8050f2e70" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 86004 x-amz-id-2 27GA9mtZ2jcPXJVcDGcav9Eyf26ya3ZPqmYVqyTcIB+QUi9CqokpCX4FkwjnbsQPIZ/7lBi0+2Y= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	default.js Show response www.coindesk.com/pf/dist/components/combinations/	2 MB 551 KB	64ms 61ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/dist/components/combinations/default.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash c2214c1842f8038e82a77483514933fcc43fea34c8ef774d0b2699b8c8e4572b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:11 GMT server openresty x-amz-request-id E6AW66CCXYDG2FV4 etag W/"aafe7706c526d76ac233ea6e2303d3f3" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 562348 x-amz-id-2 EGcxFL4hLUrrTa3h5hdIGGHBL4ygVnpehMq0zqAJzP11b+PUzzBdRPYVh7HSKMl+aSdmWI/Oy3E= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	default.css www.coindesk.com/pf/dist/components/combinations/	46 KB 6 KB	33ms 29ms	Stylesheet text/css	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/dist/components/combinations/default.css?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash 492a5b54f0003dd15e8b442cb3319b52c1b926d7b449925876844f4086818b96 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:11 GMT server openresty x-amz-request-id E6AZXRNZMCH4D5JT etag W/"28501e45de99b9b08fb4077fe63837d8" vary Accept-Encoding content-type text/css; charset=utf-8 cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 5660 x-amz-id-2 qGBvcxkn6w0/tkDh+0PW8Z/YEGl0BaYNjl92SDD+5h/Hm/Tknt2M+4Z0vL2kH8nnvAcn4U/tz2w= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	fonts.css downloads.coindesk.com/arc-hosted-fonts/	3 KB 689 B	42ms 4ms	Stylesheet text/css	143.204.207.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://downloads.coindesk.com/arc-hosted-fonts/fonts.css Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-50.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 78f343271fcc8d0efa302b6d9d37f257a2512de5d63c0aab779fbe58e8991665 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 07:09:18 GMT content-encoding gzip last-modified Thu, 26 Aug 2021 05:53:04 GMT server AmazonS3 age 113441 etag W/"1e1a1d5bcf7e524ff0af5b22112b8c96" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id wr1LGnhgNiOMW9d8F54UuBu_QIvUN4Zodt9KP-lLfJ2WzDyO26IvwA==
GET H2	200	main.css www.coindesk.com/pf/resources/styles/	4 KB 1 KB	40ms 37ms	Stylesheet text/css	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/resources/styles/main.css?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash 82a505f82ddfbd329eee4ef3bfc5f06c1c9cd9841f42a23b6d1a49556b35848e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:10 GMT server openresty x-amz-request-id E6AMY2EMK34170G8 etag W/"d43c6e39fbed8e30ceff1e41c3382878" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 669 x-amz-id-2 /F10SxDlag8lo2O8tQPyqMQSzd/HvQxjrtixt5r9YyiLivwnDZYwNBSeG9ratgIIx3h5NSBI4AA= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	77 KB 27 KB	74ms 17ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1051 / 896 of 1000 / last-modified: 1637582729" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26883 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 22 Nov 2021 15:19:23 GMT
GET H2	200	powa-boot.js Show response www.coindesk.com/pf/resources/scripts/	37 KB 13 KB	36ms 35ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/resources/scripts/powa-boot.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash a15c532b5cc2348b22f9aba002c227b202bbf4d89b0935c7d7b44625e9fbf140 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:11 GMT server openresty x-amz-request-id E6ANDPEVR34YS89J etag W/"1e6d14459c8008db0c97244928dce3df" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 13237 x-amz-id-2 NE2Z8kgDD/350N0FqQuPaav3M3c0b0bSkdvNAk1Bs+tPvvYyK2IEL/7s/S+xJQZjhFqL6HuHuH4= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	powa-drive.js Show response www.coindesk.com/pf/resources/scripts/	270 KB 70 KB	46ms 43ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/resources/scripts/powa-drive.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash 71f05c23ca6f15527195f528f8a32cb4848fc49e077cfe8a33f8687db9733f55 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:11 GMT server openresty x-amz-request-id E6ARP1C42HCBHFQ8 etag W/"a9babce34d1ab86c1eccc0ee19227bc2" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 70828 x-amz-id-2 0wOusCccQL7AVTUdD6YQq4V44basv+dzx6pck/TUxr2IKBbuI8ugpx3PhEojBKYrKY0EvWfJ5xI= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	174 KB 62 KB	70ms 18ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W9J8GSW Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 76cd76d544b883080836869aa2bb88bddd2e4c4c2b04f862cbfab9c50ceccdb8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63318 x-xss-protection 0 last-modified Mon, 22 Nov 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 22 Nov 2021 15:19:23 GMT
GET H2	200	Y6VEVMGXO5GVXF4JSWWPHVBRBQ.jpg cloudfront-us-east-1.images.arcpublishing.com/coindesk/	301 KB 302 KB	68ms 14ms	Image image/jpeg	13.32.19.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cloudfront-us-east-1.images.arcpublishing.com/coindesk/Y6VEVMGXO5GVXF4JSWWPHVBRBQ.jpg Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.19.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-19-23.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ac85c95f7293ed6627d485e6647520071e90b64fbb5ba0727309a6bdbd652047 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 09:18:36 GMT via 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront) last-modified Sat, 07 Aug 2021 13:24:10 GMT server AmazonS3 age 21648 etag "7a016aebd66b45c5e8327f82466b8643" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class INTELLIGENT_TIERING x-amz-cf-pop FRA56-C2 accept-ranges bytes content-length 308308 x-amz-cf-id lENx6mDW566UWuBdLYE0QQrWeUj_2nReOjPKzXhIHJBO6PR-bToL_g==
GET H/1.1	200 OK	c94c53e3-b966-4701-8550-86d149ccb7f0.jpg s3.amazonaws.com/arc-authors/coindesk/	144 KB 144 KB	462ms 126ms	Image image/jpeg	52.217.206.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.amazonaws.com/arc-authors/coindesk/c94c53e3-b966-4701-8550-86d149ccb7f0.jpg Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.206.80 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash ec29e3dadeba70040d0c00d38bcd6753d7ec8f4956168a01841eb4cf13435f9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 15:19:24 GMT Last-Modified Wed, 25 Aug 2021 13:43:00 GMT Server AmazonS3 x-amz-request-id RR6WAFYTDRN5XGG4 ETag "6166af00f9ec1a3840f6285a5f93ce4e" Content-Type image/jpeg x-amz-storage-class INTELLIGENT_TIERING Cache-Control no-cache Accept-Ranges bytes Content-Length 147099 x-amz-id-2 7AFjYwoHkswIB+0H+uxrdrG4T0Pv+CjE3SmVVL5QwobukfxinBZHI0oI6TS2/rAgodKj0fxiiMc=
GET H2	200	on_load.js Show response www.coindesk.com/pf/resources/scripts/	299 B 569 B	31ms 26ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/resources/scripts/on_load.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash 5de9471b9e3bf51cbe3cc0c4cab03b92c2450697f636a2e95ec212a8f8b1a927 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:10 GMT server openresty x-amz-request-id E6ARPZ0R3R1095Z9 etag W/"175f879014925ed982e202600c6de4fb" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 177 x-amz-id-2 6T1tZoQ3hJrVg+NuUFU4mswTFuI1EHMpNAIvK6xG0xa3PQFA8fm9+tTw0JXkW6/uwF4cM/TQCns= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	three.js Show response unpkg.com/three@0.134.0/build/ Redirect Chain https://unpkg.com/three https://unpkg.com/three@0.134.0 https://unpkg.com/three@0.134.0/build/three.js	1 MB 235 KB	83ms 77ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/three@0.134.0/build/three.js Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 072936c806f793e13b22f1d31002f5b4c6ad8d0efdadb5f45157348ddf27243f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 2160158 fly-request-id 01FK3QK3NS2CGQ1GXA9FHYGMJ5 content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"11cc2a-KKMe3xNd8QHAIWKPME9aV6hEODk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6b2322c29d03d600-MXP Redirect headers date Mon, 22 Nov 2021 15:19:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01FK3QK3HTQMF7B5VQFBQN8DCE server cloudflare age 2160159 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 location /three@0.134.0/build/three.js cache-control public, max-age=31536000 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6b2322c21c0ed600-MXP access-control-allow-origin *
GET H2	200	TrackballControls.js Show response unpkg.com/three@0.134.0/examples/js/controls/ Redirect Chain https://unpkg.com/three/examples/js/controls/TrackballControls.js https://unpkg.com/three@0.134.0/examples/js/controls/TrackballControls.js	17 KB 4 KB	51ms 49ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/three@0.134.0/examples/js/controls/TrackballControls.js Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe70a43414440467e60f749a39f251e184f491f5390d7e3c053fc3990ee872a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 2160158 fly-request-id 01FK3QK3HSMBFEREE4P1W6FHKT content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"45a1-vXVZ7LWoLRqmOD2q12T0w8tDnys" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6b2322c21c12d600-MXP Redirect headers date Mon, 22 Nov 2021 15:19:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01FN4351SM46S2KFXV1C9X2E6Q server cloudflare age 553 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 location /three@0.134.0/examples/js/controls/TrackballControls.js cache-control public, s-maxage=600, max-age=60 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6b2322c1ab4cd600-MXP access-control-allow-origin *
GET H2	200	three-globe.min.js Show response unpkg.com/three-globe@2.21.3/dist/ Redirect Chain https://unpkg.com/three-globe https://unpkg.com/three-globe@2.21.3 https://unpkg.com/three-globe@2.21.3/dist/three-globe.min.js	424 KB 131 KB	63ms 58ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/three-globe@2.21.3/dist/three-globe.min.js Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8a0bfd0cd9e09dc848b067008ec3818875a1d20044693fdc16371ff502701ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 991902 fly-request-id 01FM6HQE73GSN4GDF3NXMC6078 content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"69e3f-S2jndJ2xWJTC+6sb7HYjqDGPyBQ" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6b2322c29d04d600-MXP Redirect headers date Mon, 22 Nov 2021 15:19:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01FM6HQDTFKK9E3HAYWAN2AZ74 server cloudflare age 991903 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 location /three-globe@2.21.3/dist/three-globe.min.js cache-control public, max-age=31536000 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6b2322c21c10d600-MXP access-control-allow-origin *
GET H2	200	powa-overrides.js Show response www.coindesk.com/pf/resources/scripts/	1 KB 819 B	38ms 35ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/resources/scripts/powa-overrides.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash bd46aa8a63561e84fc0d7940ad8c3e8d6d1dd50e562d63dbb1605dd1535f8144 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:10 GMT server openresty x-amz-request-id E6AH7HFP99BSBYMZ etag W/"f0632f32f0a4cdd93377931cb81150f1" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 426 x-amz-id-2 eq85KssJD5Q+Q+kjTawVB/N3A0TGcM4hd3ZBIReDxfpfnQsysf0/Vrwh92CYrwcIi/7Tgbz+gaI= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	queryly.js Show response www.coindesk.com/pf/resources/scripts/	44 KB 10 KB	49ms 45ms	Script application/javascript	2a02:26f0:6c00::210:ba10 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.coindesk.com/pf/resources/scripts/queryly.js?d=106 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty / Resource Hash f4e6e329bdc6529d456ecf560a03c396899d56e418881a98f2933b82400a1a3d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 13:57:11 GMT server openresty x-amz-request-id E6ASM462R4FHDT3M etag W/"c5bd4848742cbc95e1091d7197741537" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 content-security-policy upgrade-insecure-requests content-length 9733 x-amz-id-2 MA5nRGEd0fXk8z0W3gfhObs756Lg/7s6ohAcDF2qukmsmQnSzUOO4EH9kqwu7M1Zx02XlvBsciA= expires Tue, 22 Nov 2022 15:19:23 GMT
GET H2	200	NHaasGroteskTXStd-75Bd.woff downloads.coindesk.com/arc-hosted-fonts/	33 KB 33 KB	35ms 9ms	Font application/font-woff	143.204.207.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://downloads.coindesk.com/arc-hosted-fonts/NHaasGroteskTXStd-75Bd.woff Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/resources/styles/main.css?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-50.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash e4dc91369fc1800cfe06b43a3164a70e98cad51a2508472d703fa4669594e55c Request headers Referer https://www.coindesk.com/ Origin https://www.coindesk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 08:42:44 GMT via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) vary Origin age 23806 x-cache Hit from cloudfront content-length 33420 last-modified Tue, 03 Aug 2021 19:01:35 GMT server AmazonS3 etag "855a49635f30419a88aec7755136953f" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff access-control-allow-origin https://www.coindesk.com access-control-allow-credentials true x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id Y625BSLEpeJBILm7C6cqY77r7tPerafw8A_XB4U7uUkqWusicXxLZA==
GET H2	200	roslindale_display_bold.ttf downloads.coindesk.com/arc-hosted-fonts/	118 KB 119 KB	47ms 22ms	Font binary/octet-stream	143.204.207.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://downloads.coindesk.com/arc-hosted-fonts/roslindale_display_bold.ttf Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/resources/styles/main.css?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-50.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 24d73b5f3bf2d51b5a7429ea33b9d9b5080cd644fa91f3f22f5cf735025b5577 Request headers Referer https://www.coindesk.com/ Origin https://www.coindesk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 04:53:53 GMT via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) vary Origin age 37846 x-cache Hit from cloudfront content-length 121032 last-modified Thu, 26 Aug 2021 16:27:26 GMT server AmazonS3 etag "e38acacb529b8e1f992ca3444ac94084" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://www.coindesk.com access-control-allow-credentials true x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id ndVptqrK2uKO0zs1LOHICfT6HAikb6-kQaRWGqpOUZ6Poe1nbNd0zA==
GET H2	200	NHaasGroteskTXStd-65Md.woff downloads.coindesk.com/arc-hosted-fonts/	34 KB 34 KB	38ms 13ms	Font application/font-woff	143.204.207.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://downloads.coindesk.com/arc-hosted-fonts/NHaasGroteskTXStd-65Md.woff Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/resources/styles/main.css?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-50.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash fa9d92fce78ef362c76124fc38174000a38385b7a2e80759c5a5f3ec868ff149 Request headers Referer https://www.coindesk.com/ Origin https://www.coindesk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 02:12:49 GMT via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) vary Origin age 48218 x-cache Hit from cloudfront content-length 34400 last-modified Tue, 03 Aug 2021 19:01:36 GMT server AmazonS3 etag "40362febc7158d5a600a87589b54bd70" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff access-control-allow-origin https://www.coindesk.com access-control-allow-credentials true x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id LUxLIIgEz4o1Zt6163EfOjgs6dB2G_r9JWfLGUprS1trt8t2JbYcIA==
GET H2	200	NHaasGroteskTXStd-55Rg.woff downloads.coindesk.com/arc-hosted-fonts/	31 KB 32 KB	43ms 18ms	Font application/font-woff	143.204.207.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://downloads.coindesk.com/arc-hosted-fonts/NHaasGroteskTXStd-55Rg.woff Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/resources/styles/main.css?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-50.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash e59e5b915e9504319b5b7c2e9fdb5f5d0be9be92624b8f3ab5dc22e7c89f74f0 Request headers Referer https://www.coindesk.com/ Origin https://www.coindesk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 21 Nov 2021 15:49:32 GMT via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) vary Origin age 84592 x-cache Hit from cloudfront content-length 31844 last-modified Tue, 03 Aug 2021 19:01:38 GMT server AmazonS3 etag "39df8aa7ab413c67d93fc9ae7ce50ea7" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff access-control-allow-origin https://www.coindesk.com access-control-allow-credentials true x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id Dz1GOFxdWIP9UC6ezzhT1DR6efrqeUUz6ejCHDmsBfItazBO9im_cg==
GET H2	200	NHaasGroteskTXStd-56It.woff downloads.coindesk.com/arc-hosted-fonts/	33 KB 34 KB	46ms 21ms	Font application/font-woff	143.204.207.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://downloads.coindesk.com/arc-hosted-fonts/NHaasGroteskTXStd-56It.woff Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/resources/styles/main.css?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.207.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-207-50.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 4485f429ee0ae5345832367c22583a800d838de4fbead78eba7e4510af4b0e13 Request headers Referer https://www.coindesk.com/ Origin https://www.coindesk.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 03:54:03 GMT via 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront) vary Origin age 41259 x-cache Hit from cloudfront content-length 34072 last-modified Tue, 03 Aug 2021 19:01:37 GMT server AmazonS3 etag "c45fd6ab2d143e50f587d7e2aa27b72c" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff access-control-allow-origin https://www.coindesk.com access-control-allow-credentials true x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id vYimcazgIOmPpDO1a8Zm-hWTda0ZtSSm0__nrEIcagny-fk2BBZblQ==
GET H2	200	pubads_impl_2021111601.js Show response securepubads.g.doubleclick.net/gpt/	344 KB 116 KB	25ms 23ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 118471 x-xss-protection 0 last-modified Tue, 16 Nov 2021 09:34:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 22 Nov 2021 15:19:23 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	94 B 116 B	41ms 18ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.coindesk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash e9749801aa430f057de92c38786504cd52a0db8f67b7f9de63a7e1687193fd55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91 x-xss-protection 0 expires Mon, 22 Nov 2021 15:19:23 GMT
GET H2	200	uc.js Show response consent.cookiebot.com/	90 KB 20 KB	167ms 30ms	Script application/javascript	2a02:26f0:6c00::210:ba83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/uc.js?cbid=0eadae03-33f1-4a15-97c4-7f82433a6838 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9J8GSW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash c0404de34dcf6c1a11bee30014d03a955005654582dd1b1799a924bad7b56428 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip last-modified Thu, 18 Nov 2021 12:26:28 GMT server Microsoft-IIS/10.0 etag "0b2898277dcd71:0" vary Accept-Encoding content-type application/javascript access-control-expose-headers Request-Context cache-control public, max-age=180 request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef accept-ranges bytes content-length 20067 expires Mon, 22 Nov 2021 15:22:23 GMT
GET H2	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=1530932766.1637594363&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-... https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1530932766.1637594363&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-b...	42 B 681 B	45ms 16ms	Ping image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1530932766.1637594363&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&gtm=2wgba1W9J8GSW&auid=2101295102.1637594363 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1530932766.1637594363&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&gtm=2wgba1W9J8GSW&auid=2101295102.1637594363 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	167 KB 61 KB	35ms 19ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VM3STRYVN8&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9J8GSW Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a5e130e088f199f20331c32dbffca2df8bbf6ec5921175c121e279c968044809 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62497 x-xss-protection 0 expires Mon, 22 Nov 2021 15:19:23 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9J8GSW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1096 date Mon, 22 Nov 2021 15:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 22 Nov 2021 17:01:07 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	28ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9J8GSW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug 4vFI3PNmy8ixUvvBl3eB/pdy/BrlpAE0F2F6oozx3YfIWqjqTb/2qCYiUrMLguwDQ6QM5ow1HSnHYuemZDLtxg== x-fb-trip-id 686109401 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 22 Nov 2021 15:19:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 14 KB	37ms 26ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9J8GSW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14378 x-xss-protection 0 server cafe etag 684346926396516684 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 22 Nov 2021 15:19:23 GMT
GET H3	200	identity.js Show response connect.facebook.net/signals/plugins/	64 KB 20 KB	27ms 12ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 20661 x-xss-protection 0 pragma public x-fb-debug KbNc9WHAIPw+l9I7+Hx3JPfSHATikR3PsM37oiGjmaIeZMNAWUVcH0Y+jkkhimZMEKcU7cbTgGdTm9BZwxsVwA== x-frame-options DENY date Mon, 22 Nov 2021 15:19:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	239547076708948 Show response connect.facebook.net/signals/config/	305 KB 87 KB	21ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/239547076708948?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 35671e3f762e3f7f58dc33dd5be738c97c9395a9ddd3f1e102fd0674626b0bcc Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 89099 x-xss-protection 0 pragma public x-fb-debug ZlRlEjie6wEFRLxx90lfGdlaFvHN+Cfx9H4SeBgiwYAGsCxQdfl5FQM2slY2CJhdXN6ybZpHsxHsfrXcHghxlw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 22 Nov 2021 15:19:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	39ms 22ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=773168854&t=pageview&_s=1&dl=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&ul=en-us&de=UTF-8&dt=Electronics%20Retailer%20MediaMarkt%20Hit%20by%20Ransomware%20Demand%20for%20%2450M%20Bitcoin%20Payment%3A%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1113885389&gjid=117332290&cid=1125300492.1637594363&tid=UA-40183560-1&_gid=106905362.1637594363&_r=1&gtm=2wgba1W9J8GSW&gcs=G111&z=696495061 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.coindesk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 348 B	53ms 20ms	Ping text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-VM3STRYVN8&gtm=2oeba1&_p=773168854&sr=1600x1200&_gaz=1&gcs=G111&ul=en-us&cid=1125300492.1637594363&_s=1&dl=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&dt=Electronics%20Retailer%20MediaMarkt%20Hit%20by%20Ransomware%20Demand%20for%20%2450M%20Bitcoin%20Payment%3A%20Report&sid=1637594363&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VM3STRYVN8&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.coindesk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	87ms 26ms	Ping text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VM3STRYVN8&cid=1125300492.1637594363&gtm=2oeba1&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VM3STRYVN8&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.coindesk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	67ms 35ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VM3STRYVN8&cid=1125300492.1637594363&gtm=2oeba1&aip=1&z=1894234052 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/765771488/	3 KB 1 KB	183ms 159ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765771488/?random=1637594363391&cv=9&fst=1637594363391&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&tiba=Electronics%20Retailer%20MediaMarkt%20Hit%20by%20Ransomware%20Demand%20for%20%2450M%20Bitcoin%20Payment%3A%20Report&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 80df456753caa5eaddad34faec3b40a9c5455b303164d3fc8b366573bdf32c7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1120 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 406 B	47ms 10ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=239547076708948&ev=PageView&dl=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&rl=&if=false&ts=1637594363425&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1637594363424.1498184380&it=1637594363328&coo=false&tm=1&exp=p0&rqm=GET Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Mon, 22 Nov 2021 15:19:23 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	29ms 25ms	XHR text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40183560-1&cid=1125300492.1637594363&jid=1113885389&gjid=117332290&_gid=106905362.1637594363&_u=YEBAAEAAAAAAAC~&z=1045276661 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 22 Nov 2021 15:19:23 GMT content-type text/plain access-control-allow-origin https://www.coindesk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	exchange-rates Show response production.api.coindesk.com/v2/	14 KB 5 KB	55ms 6ms	XHR application/json	65.9.71.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.api.coindesk.com/v2/exchange-rates Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/dist/components/combinations/default.js?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-24.fra56.r.cloudfront.net Software / Resource Hash 35097a5a96da7baed70a0b9ba586d3f8e9b80bea81faf1b07476d8b9f316be44 Request headers Accept application/json, text/plain, */* Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 14:34:06 GMT content-encoding gzip age 2717 vary origin,accept-encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin https://www.coindesk.com access-control-expose-headers WWW-Authenticate,Server-Authorization cache-control max-age=3600, must-revalidate, public x-amz-cf-pop FRA56-C1 x-amz-cf-id ejVABNaDnSnfc9n62EFVqRoNBeS-PHz4SCDD11ndvW8a8uSGY8xD3w== via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
GET H2	200	ticker Show response production.api.coindesk.com/v2/tb/price/	23 KB 8 KB	61ms 13ms	XHR application/json	65.9.71.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.api.coindesk.com/v2/tb/price/ticker?assets=all Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/dist/components/combinations/default.js?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-24.fra56.r.cloudfront.net Software / Resource Hash 8967adf77753fb30453a247d1f29c2c99c897260906dbca0d47ceeb703e66f10 Request headers Accept application/json, text/plain, */* Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:13 GMT content-encoding gzip age 10 vary origin,accept-encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin https://www.coindesk.com access-control-expose-headers WWW-Authenticate,Server-Authorization cache-control max-age=30, must-revalidate, public x-amz-cf-pop FRA56-C1 x-amz-cf-id CqqNZFyeZ4HMOhNqcvOVVgtH9SQrIM3xOo6lZ7qjfb67vgJ1QycVPw== via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
GET H2	200	list Show response production.api.coindesk.com/v2/tb/metrics/	35 KB 8 KB	55ms 8ms	XHR application/json	65.9.71.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.api.coindesk.com/v2/tb/metrics/list?assets=all&metrics=all Requested by Host: www.coindesk.com URL: https://www.coindesk.com/pf/dist/components/combinations/default.js?d=106 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-24.fra56.r.cloudfront.net Software / Resource Hash b8641fcbff3dc84d76d37e48e768f2cd71b09e32325e61b625f954b989185bec Request headers Accept application/json, text/plain, */* Referer https://www.coindesk.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:04:32 GMT content-encoding gzip age 891 vary origin,accept-encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin https://www.coindesk.com access-control-expose-headers WWW-Authenticate,Server-Authorization cache-control max-age=2400, must-revalidate, public x-amz-cf-pop FRA56-C1 x-amz-cf-id bSUv8K5SGrxg8GYueUnTX4NFdSmHGvPZxtduE7gp-tt85GggtVDb9g== via 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	63ms 43ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40183560-1&cid=1125300492.1637594363&jid=1113885389&_u=YEBAAEAAAAAAAC~&z=2002032543 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	63ms 35ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40183560-1&cid=1125300492.1637594363&jid=1113885389&_u=YEBAAEAAAAAAAC~&z=2002032543 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bc-v3.min.html Show response consentcdn.cookiebot.com/sdk/ Frame D562	2 KB 1 KB	47ms 8ms	Document text/html	2a02:26f0:6c00:281::f09 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consentcdn.cookiebot.com/sdk/bc-v3.min.html Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=0eadae03-33f1-4a15-97c4-7f82433a6838 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:281::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers accept-ranges bytes content-type text/html etag "b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935" last-modified Tue, 09 Mar 2021 09:55:06 GMT server AkamaiNetStorage x-akamai-transformed 9 - 0 pmb=mRUM,1 vary Accept-Encoding content-encoding gzip cache-control max-age=31226238 expires Sat, 19 Nov 2022 01:16:42 GMT date Mon, 22 Nov 2021 15:19:24 GMT content-length 895 server-timing cdn-cache; desc=HIT edge; dur=1
POST H3	200	/ Show response www.facebook.com/tr/ Frame 4F2A	0 17 B	16ms 7ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 Origin https://www.coindesk.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers content-type text/plain access-control-allow-origin https://www.coindesk.com access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin content-length 0 server proxygen-bolt alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i date Mon, 22 Nov 2021 15:19:24 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/765771488/	42 B 64 B	20ms 19ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/765771488/?random=1637594363391&cv=9&fst=1637593200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&tiba=Electronics%20Retailer%20MediaMarkt%20Hit%20by%20Ransomware%20Demand%20for%20%2450M%20Bitcoin%20Payment%3A%20Report&async=1&fmt=3&is_vtc=1&random=1328518098&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/765771488/	42 B 64 B	20ms 20ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/765771488/?random=1637594363391&cv=9&fst=1637593200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&tiba=Electronics%20Retailer%20MediaMarkt%20Hit%20by%20Ransomware%20Demand%20for%20%2450M%20Bitcoin%20Payment%3A%20Report&async=1&fmt=3&is_vtc=1&random=1328518098&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cc.js Show response consent.cookiebot.com/0eadae03-33f1-4a15-97c4-7f82433a6838/	236 KB 58 KB	126ms 126ms	Script application/x-javascript	2a02:26f0:6c00::210:ba83 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/0eadae03-33f1-4a15-97c4-7f82433a6838/cc.js?renew=false&referer=www.coindesk.com&dnt=false&forceshow=false Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=0eadae03-33f1-4a15-97c4-7f82433a6838 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 2e3114d80c77fe861f56b8034b39fed8ee4d9d86b2873508316411d8537d8113 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:24 GMT content-encoding gzip last-modified Mon, 22 Nov 2021 15:19:24 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Request-Context cache-control private, max-age=1200 access-control-allow-headers cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers content-length 58320 request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80189e48f9fe1dd1652aae69918a5efba03662e7dab892fdb94c65d483c1df49 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 98ccd33e523985efa588344a13932892db38b1335243f989dd366450db8ea68d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	964 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	973 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	40ms 17ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.coindesk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	38ms 16ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.coindesk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	15 KB 9 KB	449ms 448ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190244216903856&correlator=4430796857727108&output=ldjh&impl=fif&eid=21065725&vrg=2021111601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22031491390%2Ccddesktop%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C1x1&prev_scp=post_id%3DWNP4XCG7NVBNVMHVPW22EP3SBQ%26primary_section%3Dbusiness%26secondary_section%3Dbusiness%26tag%3Dransomware%252Cransomware-attack%26pos%3Dstickydsk&cust_params=APP_ENV%3Dproduction&cookie_enabled=1&bc=31&abxe=1&lmt=1637594362&dt=1637594364867&dlt=1637594362985&idt=326&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1199&adks=1463828987&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1125300492.1637594363&ga_sid=1637594365&ga_hid=773168854&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash d9297222a578dc3be8ef8da9ec6f96494fc017d68b9ce38d7bc8c7641056ea14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8979 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.coindesk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	21ms 21ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 16bfb4a6a96b3b8fddbca6d089272116f2c576f7d0cd28d6a39a81e3a53c7b20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9235 x-xss-protection 0
GET H2	200	container.html Show response 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E65	6 KB 4 KB	69ms 16ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Mon, 22 Nov 2021 15:19:24 GMT expires Tue, 22 Nov 2022 15:19:24 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	435 B 249 B	46ms 46ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190244216903856&correlator=4430796857727108&output=ldjh&impl=fif&eid=21065725&vrg=2021111601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22031491390%2Ccddesktop%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1250x260%7C970x250%7C1x1&prev_scp=post_id%3DWNP4XCG7NVBNVMHVPW22EP3SBQ%26primary_section%3Dbusiness%26secondary_section%3Dbusiness%26tag%3Dransomware%252Cransomware-attack%26pos%3Dhighimpactdsk&cust_params=APP_ENV%3Dproduction&cookie_enabled=1&bc=31&abxe=1&lmt=1637594362&dt=1637594364879&dlt=1637594362985&idt=326&frm=20&biw=1600&bih=1200&oid=2&adxs=175&adys=0&adks=2510385142&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x0&ga_vid=1125300492.1637594363&ga_sid=1637594365&ga_hid=773168854&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ab9a0d74d34df4a98106f3ba098bbc5a1000bad4510fa356b7df4f0d7621a3f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:24 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 220 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.coindesk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	33 KB 18 KB	858ms 857ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190244216903856&correlator=4430796857727108&output=ldjh&impl=fif&eid=21065725&vrg=2021111601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22031491390%2Ccddesktop%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C1x1&prev_scp=post_id%3DWNP4XCG7NVBNVMHVPW22EP3SBQ%26primary_section%3Dbusiness%26secondary_section%3Dbusiness%26tag%3Dransomware%252Cransomware-attack%26adIndex%3D11%26pos%3Dmid&cust_params=APP_ENV%3Dproduction&cookie_enabled=1&bc=31&abxe=1&lmt=1637594362&dt=1637594364903&dlt=1637594362985&idt=326&frm=20&biw=1600&bih=1200&oid=2&adxs=370&adys=1015&adks=2742033276&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=755x1&msz=755x0&ga_vid=1125300492.1637594363&ga_sid=1637594365&ga_hid=773168854&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 2634d4422a027c5ce34aa93d8905a6cf2befb3d887ba352e3c316c0f18fbe4c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:25 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18903 x-xss-protection 0 google-lineitem-id 5765385331 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138359754783 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.coindesk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	19 KB 9 KB	1304ms 1303ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3190244216903856&correlator=4430796857727108&output=ldjh&impl=fif&eid=21065725&vrg=2021111601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=22031491390%2Ccddesktop%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C1x1&prev_scp=post_id%3DWNP4XCG7NVBNVMHVPW22EP3SBQ%26primary_section%3Dbusiness%26secondary_section%3Dbusiness%26tag%3Dransomware%252Cransomware-attack%26adIndex%3D12%26pos%3Drec&cust_params=APP_ENV%3Dproduction&cookie_enabled=1&bc=31&abxe=1&lmt=1637594362&dt=1637594364912&dlt=1637594362985&idt=326&frm=20&biw=1600&bih=1200&oid=2&adxs=1136&adys=275&adks=1003885369&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1&msz=300x0&ga_vid=1125300492.1637594363&ga_sid=1637594365&ga_hid=773168854&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 7b58a2f0b6512ecfbf7575649ae8e288f5679d441ea1cb99bb9276adaf172f66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:26 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8692 x-xss-protection 0 google-lineitem-id 5733373910 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138360728869 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.coindesk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	215ms 186ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:25 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Mon, 22 Nov 2021 15:19:25 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame E77E	12 KB 5 KB	30ms 11ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Mon, 22 Nov 2021 15:01:05 GMT expires Tue, 22 Nov 2022 15:01:05 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1100 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 2085	783 B 535 B	17ms 16ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5a98611c28a8d1d88ea130473c0089f05dbe3ebcf258d0b277e93af529cf337f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-a+XD7njN1/JO41eWPoO8sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Mon, 22 Nov 2021 15:19:25 GMT date Mon, 22 Nov 2021 15:19:25 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-a+XD7njN1/JO41eWPoO8sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 2085	0 0	49ms 49ms	Image text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3190244216903856&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H3	200	Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response pagead2.googlesyndication.com/bg/ Frame E77E	35 KB 13 KB	8ms 7ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 12:29:24 GMT content-encoding br x-content-type-options nosniff age 10201 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13476 x-xss-protection 0 last-modified Mon, 08 Nov 2021 11:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 22 Nov 2022 12:29:24 GMT
GET H3	200	container.html Show response 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F081	6 KB 3 KB	33ms 11ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Mon, 22 Nov 2021 15:19:24 GMT expires Tue, 22 Nov 2022 15:19:24 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	44ms 43ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3190244216903856&bg=!REelRwPNAAZQLpa_UC47ACkAdvg8Wl9RbIBxw5Qr4XI5ESY3mmzt95HeA4Za9pOeiDSUPTHv_b0_ZgIAAACHUgAAAA1oAQcKAKglVS1QjL6ppoTTrxoejc2CvJ31MnOtXNNOUPrjli9HcMCY46gnyz3coEi7j9dPJmOFZz4le98lMRtDPfE5Ey3Ddg6TxekmanMBQvU9tarzATcUIz8PH5-Jut8EstFG9iwLpWgyolqex-RY_oYYp4vpEysbdjNXmxoehRzkMJQLN0JE-6DF41LJGhbehGJJdFq1ltIXJlzSSaw4VSrWkjtwut7ZRGbRZyOZAnuVt6NbGsYrEjYwZTjyEMpocIB71mTKyqk603npw0HMDhK5fvayyVSwztrEPFSeRrPw8eECvBFG_6yYt4ajQFh4-tIptMfVNR_ZPtHKKWMRSeF30XpHoz_w8WYPjWoi2o70-mHkuvR0G-4EN0iAzWAhG9XubLzIRN-B0S4EvDn4Q9NJWfYaOZ7wGo8ce6hRu137Rbh1EDytqMlvfKVkHJ2_6NS3qCa8tnJHW_pDGxjxOXUesauxIavp6mRuVFpfwiLidC8NtWBakpua_3hZB-bQz3Kk9n-Dg099bpdcm69ANIkyvtKzmyTgFnyMEWNt9rCeHJmuzXisPkDD-sKyQPM--6HXKzc1vVq5_wQeXnnsJR8pv99gws5MNb5zm2THbyfT8L6KftL1ZwTzk4gsBnmmlg3TlVHDGNUTQ8vKta_UqYz9Be5C8B_KD4bzG1ceLW11cfF90lnmFYmfu_CN2HQUEUIeO1QXV4t0f70o-IMofOhvZy2I4pXfeJJpr2aSmMMVHBNKR_E6wyfU6ziamjJPeZsE7U32r8so-8IoJjNALccRxUjOD2wJtml6lSkmT-EtyxpMMEa1oOc1cMSic3F2mdl8FQGX3_z3ANEJ242FdbwrfqbSJFAQUf7ajKmjzQpwnUnTVORyqeXxELawnhnTenK5t-jN28AuFTx1LGghG9ljigeCMxmlTViP6Wg-aPIHpesfnd3oiWSWc9_z8ngafIEo0qkAWi3XnPjkW90fXl4MFODw-rfyBhXe6xSZInNjEq-hh-3qmRLASMCGjTg8kds74yQP7hRhXDawcidyssMt0opBGa6NwRZInzSBCE7zVflwg3X41-0qnA Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 39FE	624 B 297 B	36ms 21ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY9eLZlAEwAQ&v=APEucNWukTSH6kYQKxwiuljmCXjlH-POHLYorSh75Ep3vbIh9rTHYizDA2WaKo0E0HlBjJqWaV-DkN0lTVnwg3KQERVB9cKvRWpT8FHwj2zmJnkrmYO1W8JUGWrhrIBnxCtS2-KfMIswT5HG8jz6jaH8g09zTEtvYhDaeDweHyMyLiPY-p7hgOw Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Mon, 22 Nov 2021 15:19:25 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame F081	71 KB 30 KB	53ms 51ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgbm1DbxvXYn75DbMEjK_bKXHvHvMSTXVnbpfqr8xj7vE2OBJkzv6N0lvpL-aQo1QIgMPfC5i8KGsUlOfYJlp6eHlsDgLFJXiaRfwiOPxEAF1r1SJsn1U6TkyCzvzYMftYvV562xlzDXXJ3eYDK_J14DNcRg&dbm_d=AKAmf-Cir_iwmpB2oopc6dLqRJ1Sb2c6vWNjpSi-TYNX09iRdW7WIaaqj5ObSJcWDhfD_coloEAYZrCucLKQ4bvXJ34MgHiFN1z4hlz_YYoM9wpIHyzO4Z8nNEiqSbex4UnnJ_g8ulhvEuHehJG1QwbnIvTbKCZ0co2TzqW2UiYFLZmuIEC0mtiORU5Ly3qu5bunl0ZzWgPDGkDcIE7kJkq0Y9LtTF_B6tpcbSaeMTtioa8V79hBAZGRNWshHjlhFnhqvTXmhEjbHe0Mk5_p6g-T4J6x1eibja6le8csTn0DbYJlQc9lbeIFlE2KExBSbOXL2GdUMW4U3ylExnU_aVsAfKcmoWKDbFVnA9Ndy6lvVV9rypO0r8C8bVlKXCYwgWPfr0iMk9iVCyDyLCJdbOtKJQaWgcdlTvqYdkO6K1iC4mVr6fo-FpkAhoTLwAoTIKdwUXrRejMZuFcd4fjF4UOG4AwUJFrlESvk-i6MPIfR97EY59H9c3ZMGkgI14bnX-sE2SuIMkygOq9gvlTskWe7Fy1iQu6GFO4gGWqaCFHtj7G3Yxftuz5rotxmDSFnFjk36PT_oybjDZznNat4oZoQ2IsnDn3vKDwFyaQ4Fb9F7BnqHAp1Mpn4FrnWanaKMdG_FM_bxnX5XvBiqlP3gXV0P4SbAW53RwI5630Citdxg1Tpuk8XemmIKQfW0Q1GGik8LrO0veh2CExek2AhUKtcnBnq1E3L4oNreAZWTA-jSRgUVCvJOUkyyzaGvtQzcQWG_PXH50wue9QPJZf_Iw0-jP4xTKwJW4fhC9KM0DKVTWCo48qAV2CzgQiu3t9-YBX4OrZm_koYm2UDy7NIHhvGuvQKJ4QX8FQCt73LhPW8XSOUMP95IRC-vT0kZM_PAuXD_TbIXDiQCV21LYY-lkN13VkdAV1_qYYBrIunwN5d66h3f6D49X-Dly_d3n-J0ZCLVo-nJiHdrwdU0S2PVSzeulSdTki4AgJr0yqaLxZ6yuphGEMUEJ5ZekxFFkiCmaumDWu8T-PjUT59ZSMNrkMOYYe8VSVFBmqar9iSPFeoUE8Dj9mUG7ePTUTZLnve2AeXkcTiw8JVNU6gssIWdG6sXcRqB4j-NkDUadrFtnowT1doguhflgpQBL8RAq5IZnDXzjmDgmnUmlpgoeyId-CPdKEw8bf5YznBPT__v2OCXwTNbWOy95gy7Qqwtgp78q2idGmsMRsLqCBX_4jU9rz2GxUeNxPhSZWSdJnzANYnEYZ52hejg6N55zAdfKgqMUcU-KbAJIL6cHX2iNLDv07fnPzj8BzIo2SpWOyyXPxhaOAie4vyHBO2cEn7Zysn1QxPfN9h-JXYn0qfS8Ggz6XfbQh_OJDpbxCVfupAeywgZrRUOCCp66wUMRimTHnkiwdLjRDmqaGhosyfKp-GyiqC6MmmuUTmVXceHg189Q9MV97578CpEBek0t7gWbQaJJdeeBSdDIb5iSc4w6siqbu8Je_eesyaytfBWJ1VNeuDwdPAUD2OntEfuD5LDf9foT_vyqQgVjSmZW0D5ubvCKTRzjXMyf3XYQVw33J_4Xwj_4TQFcG2tYGOTpfDVBbjbvp48iHwDfQC7PPG3tKA9gsuBc94JxOyYCuSH3xLopkbvzfFFoFMJhmXEv343rxIsbWVWyQKWwxaVfDgozG23npGNvAxzjGSvXholSSp9vh-JXj1f2UIMeUySFllgf_3fxsjZdX2OVRxdghw3NKCbTdsjvOhL0bKZwxPhfx37VuwkxMB9FwY4Qp2jLhItBxAddLCVg4Yq7dKenlLIYf-4Gg2u8lAnL-W1DzZh2n0DofiLloQsuKbrIPEScwZUf3sMxUt266nqlc8ism72bNZ_v6VcEU9ey7cffSyQ0PlxxMzMleVMPpgFwVpCCxdXVFYUxIyUCQN8lW1RQMuhAUpLaQOA_Ngw6Wr3Ugp49le4iFfD8p4nLI9Fa9v5qZaOw9YUFTjdUp2Kr6W_mZWM4f57RKDt_niP35yYkQku4pun7iKwd5et5RBUq04gDdfrCOJ6NsR5Yw-ka2Jo6HiXZKZhThsqh6rtd4a_iSesqSQxY6qKCoRrOcqBQ4vdcyIzsNiKYi0a-WLWTzYNAolXWT32gGhhQQt86Shf94VajrH1nnV4nkunQIBTy0tH26OvcTN_JVIhXyA5xi2tKHBE2I1BdqET7VGtEUPLRlHs5RwOun8e-t0a0Rv90GQT0cr6hmYdlWWSO-2Wof6cnUg4rwnaL2ISAMKZjUg2L1KKHKjCMFFK4aYdIPEo9Gd5Yore7BULNjK-vQt--lhCsVAssI-lLiIBBa-xwO4frnsGIRT4cRBR4xekBpDjAGgfwekmSsHQ4Wkm9Mm2Df_KefoT8NNawbmadNaw590dSwj-0cnDzjK7CpkKdL0ADB3Y232zlq43Z0SKvWc9DJu3kRFuMn36AEy5C7a2SLLTDQgKIPbRyWOc3gQViy-_Aei2VsgxjbZDjOsb6lNl_8lSfks0xa2clblOa4K9ZZQD3oHu-lUDYmHXN1rcc7ONFqTjeCJjCSCUxTIHtSFOnZYoMfKd7gIVmrwLDIc1wRSwXitM4Rzfye1k9IubiUVE2oNsN7eLv8L5DPwmU2CFv211HuH_KKnUxx6-MxcuZkHeaXt6qkcqFp3HST9cxsA4DLEv9hSfubJ_Uqhhkm1avUb8RlR009TsK7GoFWEA46psrh-IssNok04oP_M2zLAoJL_y2s3-tfSPJCjhJzQ7aPVLOUt7-lTnhN53sFV7JvKV1AdldUr_13cb09UPSPBCbvqOP6LJurzgln-8jUnsBs4TFJRoFuURPju2YMSNRRSP2OXx51CwPDfPRk-F6FmR8at0PV246CZH2qDzZ1vYgJGT1Q0YZlpUE1RIx_iL6AibdIHeCywYbyf2vbhnoXtdLwY27GuvKH_vKTDfuzcDmA5gx1g2JNCYAaDFaS4Wz-4T72UTSIFnq_LVd9s6t8H5tA-D12u3iLsHAuaOIm-FSDgKkIc11y7LWNS9odC909CmVqFYSeJcj6YII1XsDi7fpfw-EnfEBAavZQXaG_CcTlVC0IkXLGCreP4oB_kiJY8MOaImG6hDnNbC9m9e1D5ohI5RQIKjI6AEz4t7BAJALr9b0eTJ9lV7JcSKhXgiaj08wbzMoKvziFe25OQLR6m6XE&cid=CAASEuRoyvQzBf0tH5kOoTzmDiozeA&rfl=1%2Chttps%253A%252F%252Fwww.coindesk.com%252F%240 Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash da66dc35d4f882abbd463b97a0b910a2572139889266aa040e0e86c9d8870832 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30880 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame F081	42 B 63 B	47ms 46ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A28xZlu-2W_WVwqYt2Alg7-zYdbbXwt5Wvv8Gj0mJNONb8-SE88iStcfgZX-zmYyPixa9xGy4oY792W8e3F3RgZTeS59MTci6_c8B1RfbOu_13UmU Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F081	2 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:15:12 GMT content-encoding gzip x-content-type-options nosniff age 253 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 06 Dec 2021 15:15:12 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F081	119 KB 37 KB	49ms 25ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 22 Nov 2021 15:19:25 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F081	15 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:14:52 GMT content-encoding gzip x-content-type-options nosniff age 273 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6415 x-xss-protection 0 server cafe etag 16810888504096353422 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 06 Dec 2021 15:14:52 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame F081	0 0	15ms 14ms	Image text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTowbJeP75TvGAUrYXGQWVUh-AJ-2__wBBIgU8usOCeRacp-mwu7voCUopEMLqiph_9J1hxqOAO0g_22jbt-3J6G9sJGA Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 39FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&C=1	43 B 1014 B	32ms 31ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY9eLZlAEwAQ&v=APEucNWukTSH6kYQKxwiuljmCXjlH-POHLYorSh75Ep3vbIh9rTHYizDA2WaKo0E0HlBjJqWaV-DkN0lTVnwg3KQERVB9cKvRWpT8FHwj2zmJnkrmYO1W8JUGWrhrIBnxCtS2-KfMIswT5HG8jz6jaH8g09zTEtvYhDaeDweHyMyLiPY-p7hgOw Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Mon, 22 Nov 2021 15:19:25 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 22 Nov 2021 15:19:25 GMT Redirect headers Pragma no-cache Date Mon, 22 Nov 2021 15:19:25 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Mon, 22 Nov 2021 15:19:25 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 39FE Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZu0-W.eWNCBYH22NXN0FQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&google_hm=2	43 B 894 B	32ms 32ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY9eLZlAEwAQ&v=APEucNWukTSH6kYQKxwiuljmCXjlH-POHLYorSh75Ep3vbIh9rTHYizDA2WaKo0E0HlBjJqWaV-DkN0lTVnwg3KQERVB9cKvRWpT8FHwj2zmJnkrmYO1W8JUGWrhrIBnxCtS2-KfMIswT5HG8jz6jaH8g09zTEtvYhDaeDweHyMyLiPY-p7hgOw Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Mon, 22 Nov 2021 15:19:25 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 22 Nov 2021 15:19:25 GMT Redirect headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkqx5VNkot3Jkn42ctNVro&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 39FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESED2_o2OrNtEBEYYhLR09ufo&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2_o2OrNtEBEYYhLR09ufo%26google_cver%3D1	43 B 1 KB	24ms 20ms	Image image/gif	185.33.221.91 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2_o2OrNtEBEYYhLR09ufo%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY9eLZlAEwAQ&v=APEucNWukTSH6kYQKxwiuljmCXjlH-POHLYorSh75Ep3vbIh9rTHYizDA2WaKo0E0HlBjJqWaV-DkN0lTVnwg3KQERVB9cKvRWpT8FHwj2zmJnkrmYO1W8JUGWrhrIBnxCtS2-KfMIswT5HG8jz6jaH8g09zTEtvYhDaeDweHyMyLiPY-p7hgOw Protocol HTTP/1.1 Server 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Mon, 22 Nov 2021 15:19:25 GMT X-Proxy-Origin 193.27.14.10; 193.27.14.10; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 79f6cd3c-9362-4649-b57a-130e1126893f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 22 Nov 2021 15:19:25 GMT X-Proxy-Origin 193.27.14.10; 193.27.14.10; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 3914256d-9382-460c-a91c-8096cb0d6193 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2_o2OrNtEBEYYhLR09ufo%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 39FE Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczODU0Mjc0OTU0NDQyNzg3NQ%3D%3D	170 B 188 B	31ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczODU0Mjc0OTU0NDQyNzg3NQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY9eLZlAEwAQ&v=APEucNWukTSH6kYQKxwiuljmCXjlH-POHLYorSh75Ep3vbIh9rTHYizDA2WaKo0E0HlBjJqWaV-DkN0lTVnwg3KQERVB9cKvRWpT8FHwj2zmJnkrmYO1W8JUGWrhrIBnxCtS2-KfMIswT5HG8jz6jaH8g09zTEtvYhDaeDweHyMyLiPY-p7hgOw Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 22 Nov 2021 15:19:25 GMT X-Proxy-Origin 193.27.14.10; 193.27.14.10; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 87965c05-4824-48bc-b49f-6b33531144fc Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDczODU0Mjc0OTU0NDQyNzg3NQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame F081	106 KB 38 KB	31ms 9ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Origin https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 11:07:27 GMT content-encoding gzip x-content-type-options nosniff age 15118 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Nov 2021 11:07:27 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame F081	8 KB 3 KB	7ms 7ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgbm1DbxvXYn75DbMEjK_bKXHvHvMSTXVnbpfqr8xj7vE2OBJkzv6N0lvpL-aQo1QIgMPfC5i8KGsUlOfYJlp6eHlsDgLFJXiaRfwiOPxEAF1r1SJsn1U6TkyCzvzYMftYvV562xlzDXXJ3eYDK_J14DNcRg&dbm_d=AKAmf-Cir_iwmpB2oopc6dLqRJ1Sb2c6vWNjpSi-TYNX09iRdW7WIaaqj5ObSJcWDhfD_coloEAYZrCucLKQ4bvXJ34MgHiFN1z4hlz_YYoM9wpIHyzO4Z8nNEiqSbex4UnnJ_g8ulhvEuHehJG1QwbnIvTbKCZ0co2TzqW2UiYFLZmuIEC0mtiORU5Ly3qu5bunl0ZzWgPDGkDcIE7kJkq0Y9LtTF_B6tpcbSaeMTtioa8V79hBAZGRNWshHjlhFnhqvTXmhEjbHe0Mk5_p6g-T4J6x1eibja6le8csTn0DbYJlQc9lbeIFlE2KExBSbOXL2GdUMW4U3ylExnU_aVsAfKcmoWKDbFVnA9Ndy6lvVV9rypO0r8C8bVlKXCYwgWPfr0iMk9iVCyDyLCJdbOtKJQaWgcdlTvqYdkO6K1iC4mVr6fo-FpkAhoTLwAoTIKdwUXrRejMZuFcd4fjF4UOG4AwUJFrlESvk-i6MPIfR97EY59H9c3ZMGkgI14bnX-sE2SuIMkygOq9gvlTskWe7Fy1iQu6GFO4gGWqaCFHtj7G3Yxftuz5rotxmDSFnFjk36PT_oybjDZznNat4oZoQ2IsnDn3vKDwFyaQ4Fb9F7BnqHAp1Mpn4FrnWanaKMdG_FM_bxnX5XvBiqlP3gXV0P4SbAW53RwI5630Citdxg1Tpuk8XemmIKQfW0Q1GGik8LrO0veh2CExek2AhUKtcnBnq1E3L4oNreAZWTA-jSRgUVCvJOUkyyzaGvtQzcQWG_PXH50wue9QPJZf_Iw0-jP4xTKwJW4fhC9KM0DKVTWCo48qAV2CzgQiu3t9-YBX4OrZm_koYm2UDy7NIHhvGuvQKJ4QX8FQCt73LhPW8XSOUMP95IRC-vT0kZM_PAuXD_TbIXDiQCV21LYY-lkN13VkdAV1_qYYBrIunwN5d66h3f6D49X-Dly_d3n-J0ZCLVo-nJiHdrwdU0S2PVSzeulSdTki4AgJr0yqaLxZ6yuphGEMUEJ5ZekxFFkiCmaumDWu8T-PjUT59ZSMNrkMOYYe8VSVFBmqar9iSPFeoUE8Dj9mUG7ePTUTZLnve2AeXkcTiw8JVNU6gssIWdG6sXcRqB4j-NkDUadrFtnowT1doguhflgpQBL8RAq5IZnDXzjmDgmnUmlpgoeyId-CPdKEw8bf5YznBPT__v2OCXwTNbWOy95gy7Qqwtgp78q2idGmsMRsLqCBX_4jU9rz2GxUeNxPhSZWSdJnzANYnEYZ52hejg6N55zAdfKgqMUcU-KbAJIL6cHX2iNLDv07fnPzj8BzIo2SpWOyyXPxhaOAie4vyHBO2cEn7Zysn1QxPfN9h-JXYn0qfS8Ggz6XfbQh_OJDpbxCVfupAeywgZrRUOCCp66wUMRimTHnkiwdLjRDmqaGhosyfKp-GyiqC6MmmuUTmVXceHg189Q9MV97578CpEBek0t7gWbQaJJdeeBSdDIb5iSc4w6siqbu8Je_eesyaytfBWJ1VNeuDwdPAUD2OntEfuD5LDf9foT_vyqQgVjSmZW0D5ubvCKTRzjXMyf3XYQVw33J_4Xwj_4TQFcG2tYGOTpfDVBbjbvp48iHwDfQC7PPG3tKA9gsuBc94JxOyYCuSH3xLopkbvzfFFoFMJhmXEv343rxIsbWVWyQKWwxaVfDgozG23npGNvAxzjGSvXholSSp9vh-JXj1f2UIMeUySFllgf_3fxsjZdX2OVRxdghw3NKCbTdsjvOhL0bKZwxPhfx37VuwkxMB9FwY4Qp2jLhItBxAddLCVg4Yq7dKenlLIYf-4Gg2u8lAnL-W1DzZh2n0DofiLloQsuKbrIPEScwZUf3sMxUt266nqlc8ism72bNZ_v6VcEU9ey7cffSyQ0PlxxMzMleVMPpgFwVpCCxdXVFYUxIyUCQN8lW1RQMuhAUpLaQOA_Ngw6Wr3Ugp49le4iFfD8p4nLI9Fa9v5qZaOw9YUFTjdUp2Kr6W_mZWM4f57RKDt_niP35yYkQku4pun7iKwd5et5RBUq04gDdfrCOJ6NsR5Yw-ka2Jo6HiXZKZhThsqh6rtd4a_iSesqSQxY6qKCoRrOcqBQ4vdcyIzsNiKYi0a-WLWTzYNAolXWT32gGhhQQt86Shf94VajrH1nnV4nkunQIBTy0tH26OvcTN_JVIhXyA5xi2tKHBE2I1BdqET7VGtEUPLRlHs5RwOun8e-t0a0Rv90GQT0cr6hmYdlWWSO-2Wof6cnUg4rwnaL2ISAMKZjUg2L1KKHKjCMFFK4aYdIPEo9Gd5Yore7BULNjK-vQt--lhCsVAssI-lLiIBBa-xwO4frnsGIRT4cRBR4xekBpDjAGgfwekmSsHQ4Wkm9Mm2Df_KefoT8NNawbmadNaw590dSwj-0cnDzjK7CpkKdL0ADB3Y232zlq43Z0SKvWc9DJu3kRFuMn36AEy5C7a2SLLTDQgKIPbRyWOc3gQViy-_Aei2VsgxjbZDjOsb6lNl_8lSfks0xa2clblOa4K9ZZQD3oHu-lUDYmHXN1rcc7ONFqTjeCJjCSCUxTIHtSFOnZYoMfKd7gIVmrwLDIc1wRSwXitM4Rzfye1k9IubiUVE2oNsN7eLv8L5DPwmU2CFv211HuH_KKnUxx6-MxcuZkHeaXt6qkcqFp3HST9cxsA4DLEv9hSfubJ_Uqhhkm1avUb8RlR009TsK7GoFWEA46psrh-IssNok04oP_M2zLAoJL_y2s3-tfSPJCjhJzQ7aPVLOUt7-lTnhN53sFV7JvKV1AdldUr_13cb09UPSPBCbvqOP6LJurzgln-8jUnsBs4TFJRoFuURPju2YMSNRRSP2OXx51CwPDfPRk-F6FmR8at0PV246CZH2qDzZ1vYgJGT1Q0YZlpUE1RIx_iL6AibdIHeCywYbyf2vbhnoXtdLwY27GuvKH_vKTDfuzcDmA5gx1g2JNCYAaDFaS4Wz-4T72UTSIFnq_LVd9s6t8H5tA-D12u3iLsHAuaOIm-FSDgKkIc11y7LWNS9odC909CmVqFYSeJcj6YII1XsDi7fpfw-EnfEBAavZQXaG_CcTlVC0IkXLGCreP4oB_kiJY8MOaImG6hDnNbC9m9e1D5ohI5RQIKjI6AEz4t7BAJALr9b0eTJ9lV7JcSKhXgiaj08wbzMoKvziFe25OQLR6m6XE&cid=CAASEuRoyvQzBf0tH5kOoTzmDiozeA&rfl=1%2Chttps%253A%252F%252Fwww.coindesk.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:16:56 GMT content-encoding gzip x-content-type-options nosniff age 149 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 06 Dec 2021 15:16:56 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F081	24 KB 9 KB	7ms 6ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgbm1DbxvXYn75DbMEjK_bKXHvHvMSTXVnbpfqr8xj7vE2OBJkzv6N0lvpL-aQo1QIgMPfC5i8KGsUlOfYJlp6eHlsDgLFJXiaRfwiOPxEAF1r1SJsn1U6TkyCzvzYMftYvV562xlzDXXJ3eYDK_J14DNcRg&dbm_d=AKAmf-Cir_iwmpB2oopc6dLqRJ1Sb2c6vWNjpSi-TYNX09iRdW7WIaaqj5ObSJcWDhfD_coloEAYZrCucLKQ4bvXJ34MgHiFN1z4hlz_YYoM9wpIHyzO4Z8nNEiqSbex4UnnJ_g8ulhvEuHehJG1QwbnIvTbKCZ0co2TzqW2UiYFLZmuIEC0mtiORU5Ly3qu5bunl0ZzWgPDGkDcIE7kJkq0Y9LtTF_B6tpcbSaeMTtioa8V79hBAZGRNWshHjlhFnhqvTXmhEjbHe0Mk5_p6g-T4J6x1eibja6le8csTn0DbYJlQc9lbeIFlE2KExBSbOXL2GdUMW4U3ylExnU_aVsAfKcmoWKDbFVnA9Ndy6lvVV9rypO0r8C8bVlKXCYwgWPfr0iMk9iVCyDyLCJdbOtKJQaWgcdlTvqYdkO6K1iC4mVr6fo-FpkAhoTLwAoTIKdwUXrRejMZuFcd4fjF4UOG4AwUJFrlESvk-i6MPIfR97EY59H9c3ZMGkgI14bnX-sE2SuIMkygOq9gvlTskWe7Fy1iQu6GFO4gGWqaCFHtj7G3Yxftuz5rotxmDSFnFjk36PT_oybjDZznNat4oZoQ2IsnDn3vKDwFyaQ4Fb9F7BnqHAp1Mpn4FrnWanaKMdG_FM_bxnX5XvBiqlP3gXV0P4SbAW53RwI5630Citdxg1Tpuk8XemmIKQfW0Q1GGik8LrO0veh2CExek2AhUKtcnBnq1E3L4oNreAZWTA-jSRgUVCvJOUkyyzaGvtQzcQWG_PXH50wue9QPJZf_Iw0-jP4xTKwJW4fhC9KM0DKVTWCo48qAV2CzgQiu3t9-YBX4OrZm_koYm2UDy7NIHhvGuvQKJ4QX8FQCt73LhPW8XSOUMP95IRC-vT0kZM_PAuXD_TbIXDiQCV21LYY-lkN13VkdAV1_qYYBrIunwN5d66h3f6D49X-Dly_d3n-J0ZCLVo-nJiHdrwdU0S2PVSzeulSdTki4AgJr0yqaLxZ6yuphGEMUEJ5ZekxFFkiCmaumDWu8T-PjUT59ZSMNrkMOYYe8VSVFBmqar9iSPFeoUE8Dj9mUG7ePTUTZLnve2AeXkcTiw8JVNU6gssIWdG6sXcRqB4j-NkDUadrFtnowT1doguhflgpQBL8RAq5IZnDXzjmDgmnUmlpgoeyId-CPdKEw8bf5YznBPT__v2OCXwTNbWOy95gy7Qqwtgp78q2idGmsMRsLqCBX_4jU9rz2GxUeNxPhSZWSdJnzANYnEYZ52hejg6N55zAdfKgqMUcU-KbAJIL6cHX2iNLDv07fnPzj8BzIo2SpWOyyXPxhaOAie4vyHBO2cEn7Zysn1QxPfN9h-JXYn0qfS8Ggz6XfbQh_OJDpbxCVfupAeywgZrRUOCCp66wUMRimTHnkiwdLjRDmqaGhosyfKp-GyiqC6MmmuUTmVXceHg189Q9MV97578CpEBek0t7gWbQaJJdeeBSdDIb5iSc4w6siqbu8Je_eesyaytfBWJ1VNeuDwdPAUD2OntEfuD5LDf9foT_vyqQgVjSmZW0D5ubvCKTRzjXMyf3XYQVw33J_4Xwj_4TQFcG2tYGOTpfDVBbjbvp48iHwDfQC7PPG3tKA9gsuBc94JxOyYCuSH3xLopkbvzfFFoFMJhmXEv343rxIsbWVWyQKWwxaVfDgozG23npGNvAxzjGSvXholSSp9vh-JXj1f2UIMeUySFllgf_3fxsjZdX2OVRxdghw3NKCbTdsjvOhL0bKZwxPhfx37VuwkxMB9FwY4Qp2jLhItBxAddLCVg4Yq7dKenlLIYf-4Gg2u8lAnL-W1DzZh2n0DofiLloQsuKbrIPEScwZUf3sMxUt266nqlc8ism72bNZ_v6VcEU9ey7cffSyQ0PlxxMzMleVMPpgFwVpCCxdXVFYUxIyUCQN8lW1RQMuhAUpLaQOA_Ngw6Wr3Ugp49le4iFfD8p4nLI9Fa9v5qZaOw9YUFTjdUp2Kr6W_mZWM4f57RKDt_niP35yYkQku4pun7iKwd5et5RBUq04gDdfrCOJ6NsR5Yw-ka2Jo6HiXZKZhThsqh6rtd4a_iSesqSQxY6qKCoRrOcqBQ4vdcyIzsNiKYi0a-WLWTzYNAolXWT32gGhhQQt86Shf94VajrH1nnV4nkunQIBTy0tH26OvcTN_JVIhXyA5xi2tKHBE2I1BdqET7VGtEUPLRlHs5RwOun8e-t0a0Rv90GQT0cr6hmYdlWWSO-2Wof6cnUg4rwnaL2ISAMKZjUg2L1KKHKjCMFFK4aYdIPEo9Gd5Yore7BULNjK-vQt--lhCsVAssI-lLiIBBa-xwO4frnsGIRT4cRBR4xekBpDjAGgfwekmSsHQ4Wkm9Mm2Df_KefoT8NNawbmadNaw590dSwj-0cnDzjK7CpkKdL0ADB3Y232zlq43Z0SKvWc9DJu3kRFuMn36AEy5C7a2SLLTDQgKIPbRyWOc3gQViy-_Aei2VsgxjbZDjOsb6lNl_8lSfks0xa2clblOa4K9ZZQD3oHu-lUDYmHXN1rcc7ONFqTjeCJjCSCUxTIHtSFOnZYoMfKd7gIVmrwLDIc1wRSwXitM4Rzfye1k9IubiUVE2oNsN7eLv8L5DPwmU2CFv211HuH_KKnUxx6-MxcuZkHeaXt6qkcqFp3HST9cxsA4DLEv9hSfubJ_Uqhhkm1avUb8RlR009TsK7GoFWEA46psrh-IssNok04oP_M2zLAoJL_y2s3-tfSPJCjhJzQ7aPVLOUt7-lTnhN53sFV7JvKV1AdldUr_13cb09UPSPBCbvqOP6LJurzgln-8jUnsBs4TFJRoFuURPju2YMSNRRSP2OXx51CwPDfPRk-F6FmR8at0PV246CZH2qDzZ1vYgJGT1Q0YZlpUE1RIx_iL6AibdIHeCywYbyf2vbhnoXtdLwY27GuvKH_vKTDfuzcDmA5gx1g2JNCYAaDFaS4Wz-4T72UTSIFnq_LVd9s6t8H5tA-D12u3iLsHAuaOIm-FSDgKkIc11y7LWNS9odC909CmVqFYSeJcj6YII1XsDi7fpfw-EnfEBAavZQXaG_CcTlVC0IkXLGCreP4oB_kiJY8MOaImG6hDnNbC9m9e1D5ohI5RQIKjI6AEz4t7BAJALr9b0eTJ9lV7JcSKhXgiaj08wbzMoKvziFe25OQLR6m6XE&cid=CAASEuRoyvQzBf0tH5kOoTzmDiozeA&rfl=1%2Chttps%253A%252F%252Fwww.coindesk.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:08:15 GMT content-encoding gzip x-content-type-options nosniff age 670 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9475 x-xss-protection 0 server cafe etag 15988442915344899701 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 06 Dec 2021 15:08:15 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame F081	41 KB 15 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:49:55 GMT content-encoding gzip x-content-type-options nosniff age 422970 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 17 Nov 2022 17:49:55 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 68AC	1 KB 749 B	9ms 7ms	Document text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 22 Nov 2021 05:53:44 GMT expires Tue, 23 Nov 2021 05:53:44 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 33941 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame F081	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b47ddf44a4b11cf7f4d4cafee22858309760f333bcc33fe695169487f18acd9 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 8008	22 KB 8 KB	19ms 18ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Sun, 21 Nov 2021 14:25:07 GMT expires Mon, 21 Nov 2022 14:25:07 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 89658 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/852229480827051210/ Frame 733F	71 KB 19 KB	28ms 7ms	Document text/html	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/852229480827051210/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39a4299f79f658915f5878733cc21a893dad44b8d8741893f22c0ea1680528b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Wed, 17 Nov 2021 05:56:44 GMT expires Thu, 17 Nov 2022 05:56:44 GMT last-modified Wed, 18 Nov 2020 17:52:14 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 cache-control public, max-age=31536000 content-length 19154 age 465761 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F081	0 255 B	74ms 54ms	Ping image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1Dn6pXRZk5j2H20X-9dDQKMIK7tgqhJvih_Lm6Iriv6uO4hNbd_zwX86tcALGpw5k7ab5TksQvfSwD9DDkJx36TBLHncj0UnAcFd19aRunnpycNrhyPJcGvYPBZ4SizopBKvY2v92Wk14h0aSGL7dLJ7yLXbWn6PO6cOkAcf7MmQFzHdS3LPJR66DklSMIItH9fUri1yIMnS7eknAyVl58ldFxY8pBZ0ltC60jYkanEZ5aQX-m0uh6O35fmBe4FC79qbMfLVi4MWGBB6opPAoqo8AUy7wwe82m6Po-xJZFz_7BqhnEiEnod3hRua_5I20l_OogEk_GKo8Ghf-9icEaWIMVRhxdiKnC_uD1y4RhTuMf8xpt-1JUmksCQvcl93oyZlBsoJtKfSFen3gfdRprFRxrHKfVLNrXFdl4U83uKhVDWsW0bAi-wMPcfBKoCgpCuYI53HcPKvoEnKJ79y4jgFg7GgV_Fw8PJ8tGBsMVGfmCHmhhT2_JUUvJZoLrVJfdpVKBYSvloWqJdx4PykNeJLn52xqpCS4buI8DRrchOMNEz37jVs76OOtC1-5aRZ_1MAD3E-CjyHZX3RR7wKJx0zk414whBJXo0dJIZ0NpOkFdMtokbDQeclHtBrYxfOkz9XUznjgPxbHGwP2v7OpJSfKWmpYW3s9N0urDCO_fukhbPkttc1FSc1EBsSDg4-nSwBc4618kfZQF3tpWuAHv-HCPc1Kcoh4QskXjEYsfgKbd_5nlfdwNvjJIl9OVdCYkvo9avLS_X2rpvFDYtmR5dF5X7qiu1R1KO42dA10U9xacwhO1Obw0c6K7OcF0LN44HchdVTKI_PDy44mo2WF8A9dg9KOe1uF5REjR70k8UJBFwcVMCv0MOqo4ftJHfWGungHqgvTSamD6ePBuc-BcZFyyIPmqQsjpIvSj5haWdWIKychwgsAiZCF9u4QAOWGREc-oqPWbWqCNw-GF1fmINp2r3PthG8wJEt4zZv6mBijbHCX_2WI12_D2lyeFyJoo__jjeOO88lt9MwSkbuMHpTk3eHTYL84P2j3MERiq7HpYf34sT92Hbw8S0HehV5le_sJn6Iqfq5iTQjSCmARPvp58_xsdv8ZTtg0fQ6lv5rJGGpnk1DTxj_ALzaicds66-zWWtie-B-s2Hq_uke1IvgRbt6uVic-XFunW8aPqwCGh-k0jJr-4f-D9LsGa7DiddYdVQfhezyEkKRjkk93yC8&sai=AMfl-YTiRV12CYd767CeiExC8lXi0gnOpNlDvMuO0gFCqACdtPNy1K9YRMI6fG4mJyGRn70zSpOtCg-eQmKh0wUJuuEyroyAckiXqunQUoFsamUmUxT5Sx-dKnExDL4xiD7Fd2_D-NVqXxUMnbXVYRW1Daqn_4AZtWexa896QxtixXpF2Sci0Cze&sig=Cg0ArKJSzE_5_fXAjaeEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=107&cisv=r20211111.13326&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Mon, 22 Nov 2021 15:19:25 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 68AC Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDEH8ej3PFt29j93pOenCC4&google_cver=1&google_push=AYg5qPItIS_zrcXy6pBNXmz5NzFv0wv0k366JlwGx6tfo8IX1rcxywzlMrUB1o1aEyv8l8wnXtKpdeYsSI6Kz5ZjhtQRoq_eOzlb https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MTExNTAyNzAwNTc2OTc2Mg==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEH8ej3PFt29j93pOenCC4&google_cver=1	43 B 407 B	128ms 110ms	Image image/gif	2620:112:f002:bbbb::21 TURN-US-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEH8ej3PFt29j93pOenCC4&google_cver=1 Protocol H2 Server 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-type image/gif content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Mon, 22 Nov 2021 15:19:26 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDEH8ej3PFt29j93pOenCC4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 68AC Redirect Chain https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMfC2afkoTfXJHKWf-av7z8&google_cver=1&google_push=AYg5qPJRFN76hL7b5160oUNyxlek8VuGcCWSbO1GMwVZz8eX72QXBlT35yOOxATIcmxCZXBos9K12UDaWPJPd-pv... https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRFN76hL7b5160oUNyxlek8VuGcCWSbO1GMwVZz8eX72QXBlT35yOOxATIcmxCZXBos9K12UDaWPJPd-pvWjAtwG_XcXs	170 B 188 B	32ms 31ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRFN76hL7b5160oUNyxlek8VuGcCWSbO1GMwVZz8eX72QXBlT35yOOxATIcmxCZXBos9K12UDaWPJPd-pvWjAtwG_XcXs Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 22 Nov 2021 15:19:25 GMT via 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJRFN76hL7b5160oUNyxlek8VuGcCWSbO1GMwVZz8eX72QXBlT35yOOxATIcmxCZXBos9K12UDaWPJPd-pvWjAtwG_XcXs cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id yQJWVxuVxYIa-9-hoSDQAmUfwDqfFkm0itsxM_D3EReESFXqBkmrcw==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 68AC Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM... https://sync.targeting.unrulymedia.com/csync/RX-60b71a13-0196-4fe7-b4d4-9189f0894612-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIz_quUqL6UVOesAAryL... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIz_quUqL6UVOesAAryL8uBUNtGCElkQroxQaXGglH9Auz4BNRdwjNxjHnq8C_czAC9wDdCDOrx4lNWjQLlDypVhuDA4awC&google_hm=A2C3GhMBlk_ntNSRifCJRhI	170 B 188 B	17ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIz_quUqL6UVOesAAryL8uBUNtGCElkQroxQaXGglH9Auz4BNRdwjNxjHnq8C_czAC9wDdCDOrx4lNWjQLlDypVhuDA4awC&google_hm=A2C3GhMBlk_ntNSRifCJRhI Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIz_quUqL6UVOesAAryL8uBUNtGCElkQroxQaXGglH9Auz4BNRdwjNxjHnq8C_czAC9wDdCDOrx4lNWjQLlDypVhuDA4awC&google_hm=A2C3GhMBlk_ntNSRifCJRhI date Mon, 22 Nov 2021 15:19:25 GMT server Tengine p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX60b71a1301964fe7b4d49189f0894612003 content-type text/html
GET H3	200	pixel cm.g.doubleclick.net/ Frame 68AC Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH3IgahPNmTu1UoCXM-src8&google_cver=1&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF&goog... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ5NTI4MDY0NTg2MDQxNTA5OA%3D%3D&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE...	170 B 188 B	18ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ5NTI4MDY0NTg2MDQxNTA5OA%3D%3D&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ5NTI4MDY0NTg2MDQxNTA5OA%3D%3D&google_push=AYg5qPI_PDhmiogvxBEkTARZ08k12k2hYn7S8YcV6LMkrVdRDgaO9LRa1pXE0dtvPDX1kiLLyFnAedYapuQbW2LnefxmEkYGFeMF date Mon, 22 Nov 2021 15:19:25 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync ssbsync.smartadserver.com/api/ Frame 68AC	0 75 B	85ms 17ms	Image text/plain	185.86.139.104 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFCH0EHVv8MR9VmiF3ram1o&google_cver=1&google_push=AYg5qPKBg1gngWlpMxsqVRv53eOqjFUJeihq3B6Id-v0klH_Ac5um3pHUgMJjm5vY6kxrIib5yO-JtRibKsBk3l2FjKWEk34k2tY Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:24 GMT content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 68AC Redirect Chain https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEATD7iCJK2cYA37Euhjp7pY&google_cver=1&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTek... https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEATD7iCJK2cYA37Euhjp7pY&google_cver=1&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTek... https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEATD7iCJK2cYA37Euhjp7pY&google_cver=1&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXT... https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDA0YjIwNi00YmE3LTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHft...	170 B 188 B	18ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDA0YjIwNi00YmE3LTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHftUZKa3NG63gXG6vcR9UbRuT4MeOqSE_470-8A Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDA0YjIwNi00YmE3LTExZWMtOWE2NC0wNmZmNDEwM2Q2Zjg%3D&google_push=AYg5qPJ4E0jPS4xIto8cbpjNiwAJQKjpK8uFCA3vnNT57YVq4QBMXTektubLUxaHftUZKa3NG63gXG6vcR9UbRuT4MeOqSE_470-8A date Mon, 22 Nov 2021 15:19:25 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	200	pixel cm.g.doubleclick.net/ Frame 68AC Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ0r9GdILpfv-uPhg_9fwA&google_cver=1&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXf... https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOZ0r9GdILpfv-uPhg_9fwA&google_cver=1&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXf... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wZXVPVXRaRTJ1Rms1Z0Zja3N3cTRPU1Rib1Y4d21CbX5B&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrU...	170 B 188 B	18ms 18ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wZXVPVXRaRTJ1Rms1Z0Zja3N3cTRPU1Rib1Y4d21CbX5B&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXfEtR0-esUD2ZVS0AheaAUKpm6LE7w Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wZXVPVXRaRTJ1Rms1Z0Zja3N3cTRPU1Rib1Y4d21CbX5B&google_push=AYg5qPLDyDclNx-mtpufemrMwecQ-pnrbJ1kvGPio_9GELLNdE0RNebrUPHXFgvy0SDsuSwgXfEtR0-esUD2ZVS0AheaAUKpm6LE7w date Mon, 22 Nov 2021 15:19:25 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 68AC	0 12 B	31ms 15ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lnm0dktMiMGV7AjsXJ-qaiHJCf_19qrBHGMmGfiOURwFfNZSFWuY-g7ey-RKUdTQ80I2xWZNY Requested by Host: 9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com URL: https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:25 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response pagead2.googlesyndication.com/bg/ Frame 8008	35 KB 13 KB	7ms 7ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 21 Nov 2021 13:20:25 GMT content-encoding br x-content-type-options nosniff age 93540 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13332 x-xss-protection 0 last-modified Mon, 08 Nov 2021 11:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 21 Nov 2022 13:20:25 GMT
GET H2	200	css fonts.googleapis.com/ Frame 733F	2 KB 1 KB	40ms 16ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/852229480827051210/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2973257313b8a6815336e3c045ab9814ece44936d58bf637175cd7047cfc9406 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 22 Nov 2021 14:22:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 22 Nov 2021 15:19:25 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Nov 2021 15:19:25 GMT
GET H3	200	DcmEnabler_01_245.js Show response s0.2mdn.net/879366/ Frame 733F	28 KB 10 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_245.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/852229480827051210/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/852229480827051210/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 21 Nov 2021 15:47:29 GMT content-encoding gzip x-content-type-options nosniff age 84716 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10285 x-xss-protection 0 last-modified Wed, 14 Oct 2020 19:32:53 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 22 Nov 2021 15:47:29 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/ Frame 733F	15 KB 16 KB	33ms 7ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:56:19 GMT x-content-type-options nosniff age 422586 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 17 Nov 2022 17:56:19 GMT
GET H3	200	Pastille_728x90.png s0.2mdn.net/sadbundle/852229480827051210/ Frame 733F	3 KB 3 KB	11ms 10ms	Image image/png	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/852229480827051210/Pastille_728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/852229480827051210/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ca14a6ae12972e6d2e8e27b212d962f33a231bb00c3786db696723dbe9619f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/852229480827051210/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 16 Nov 2021 20:11:19 GMT x-content-type-options nosniff age 500886 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3477 x-xss-protection 0 last-modified Wed, 18 Nov 2020 17:52:14 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 16 Nov 2022 20:11:19 GMT
GET H3	200	Fnd_728x90.jpg s0.2mdn.net/sadbundle/852229480827051210/ Frame 733F	9 KB 9 KB	11ms 11ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/852229480827051210/Fnd_728x90.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/852229480827051210/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62749769b5162194a5c028fa5a22099938b8aabbd3c4b2c3578cd008bc640919 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/852229480827051210/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 12:46:20 GMT x-content-type-options nosniff age 9185 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9247 x-xss-protection 0 last-modified Wed, 18 Nov 2020 17:52:14 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 22 Nov 2022 12:46:20 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame F081	0 23 B	50ms 49ms	Ping image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1Dn6pXRZk5j2H20X-9dDQKMIK7tgqhJvih_Lm6Iriv6uO4hNbd_zwX86tcALGpw5k7ab5TksQvfSwD9DDkJx36TBLHncj0UnAcFd19aRunnpycNrhyPJcGvYPBZ4SizopBKvY2v92Wk14h0aSGL7dLJ7yLXbWn6PO6cOkAcf7MmQFzHdS3LPJR66DklSMIItH9fUri1yIMnS7eknAyVl58ldFxY8pBZ0ltC60jYkanEZ5aQX-m0uh6O35fmBe4FC79qbMfLVi4MWGBB6opPAoqo8AUy7wwe82m6Po-xJZFz_7BqhnEiEnod3hRua_5I20l_OogEk_GKo8Ghf-9icEaWIMVRhxdiKnC_uD1y4RhTuMf8xpt-1JUmksCQvcl93oyZlBsoJtKfSFen3gfdRprFRxrHKfVLNrXFdl4U83uKhVDWsW0bAi-wMPcfBKoCgpCuYI53HcPKvoEnKJ79y4jgFg7GgV_Fw8PJ8tGBsMVGfmCHmhhT2_JUUvJZoLrVJfdpVKBYSvloWqJdx4PykNeJLn52xqpCS4buI8DRrchOMNEz37jVs76OOtC1-5aRZ_1MAD3E-CjyHZX3RR7wKJx0zk414whBJXo0dJIZ0NpOkFdMtokbDQeclHtBrYxfOkz9XUznjgPxbHGwP2v7OpJSfKWmpYW3s9N0urDCO_fukhbPkttc1FSc1EBsSDg4-nSwBc4618kfZQF3tpWuAHv-HCPc1Kcoh4QskXjEYsfgKbd_5nlfdwNvjJIl9OVdCYkvo9avLS_X2rpvFDYtmR5dF5X7qiu1R1KO42dA10U9xacwhO1Obw0c6K7OcF0LN44HchdVTKI_PDy44mo2WF8A9dg9KOe1uF5REjR70k8UJBFwcVMCv0MOqo4ftJHfWGungHqgvTSamD6ePBuc-BcZFyyIPmqQsjpIvSj5haWdWIKychwgsAiZCF9u4QAOWGREc-oqPWbWqCNw-GF1fmINp2r3PthG8wJEt4zZv6mBijbHCX_2WI12_D2lyeFyJoo__jjeOO88lt9MwSkbuMHpTk3eHTYL84P2j3MERiq7HpYf34sT92Hbw8S0HehV5le_sJn6Iqfq5iTQjSCmARPvp58_xsdv8ZTtg0fQ6lv5rJGGpnk1DTxj_ALzaicds66-zWWtie-B-s2Hq_uke1IvgRbt6uVic-XFunW8aPqwCGh-k0jJr-4f-D9LsGa7DiddYdVQfhezyEkKRjkk93yC8&sai=AMfl-YTiRV12CYd767CeiExC8lXi0gnOpNlDvMuO0gFCqACdtPNy1K9YRMI6fG4mJyGRn70zSpOtCg-eQmKh0wUJuuEyroyAckiXqunQUoFsamUmUxT5Sx-dKnExDL4xiD7Fd2_D-NVqXxUMnbXVYRW1Daqn_4AZtWexa896QxtixXpF2Sci0Cze&sig=Cg0ArKJSzE_5_fXAjaeEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=297&vt=11&dtpt=187&dett=3&cstd=107&cisv=r20211111.13326&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 0AD0	0 0	43ms 43ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNbCgPT_ekiQudLKIXpCCouzoMwiok58Ttt7tRUH3eYMEY29qvbfFVL9h7VUMdTlGjw_7uEvyM1A1xWAbegDq6mU3ovUE6AgcwVMGa4fL8o_oD_AhlAKYcLAm_GlYciCYwm8OJAve7HVMnhO7dLcvsKN5lX92JCntVjQSUHKNIzYoMBhXBsJRKcMMFAGeYfsoq20RdmQh-y__S42QoJf4wboACei_qdG87DAxiJmL1fOyFf1QZ5tbT9aP79ag4k6SNtuTQnYPkbDM5npvs_hcS16gschN24bb0oDp-ujXxdBYEJqz1yhEVE6EMUw7yr9DHgzuiekh4DjHXbeuqFhSqGBX7HO-7aj32m_QYIhv6xctTzWlFidfyLXQUj-pIclR48bnoQn6OWnEvElQrkwq2lbg47P9t4M4&sig=Cg0ArKJSzLkQMA-yrD4qEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl= Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0AD0	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:49:55 GMT content-encoding gzip x-content-type-options nosniff age 422970 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 17 Nov 2022 17:49:55 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0AD0	119 KB 36 KB	63ms 46ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 22 Nov 2021 15:19:25 GMT
GET H3	200	ClaimYourName_970x250.jpg s0.2mdn.net/10895008/ Frame 0AD0	106 KB 106 KB	9ms 9ms	Image image/jpeg	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/10895008/ClaimYourName_970x250.jpg Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5381ded3b35ce78e1937b87f61a28e88926e792cbfd6583c5ac239048a657e35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 21 Nov 2021 21:24:44 GMT x-content-type-options nosniff age 64481 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 108226 x-xss-protection 0 last-modified Mon, 27 Sep 2021 23:05:03 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 22 Nov 2021 21:24:44 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 2E00	22 KB 8 KB	11ms 10ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Sun, 21 Nov 2021 14:25:07 GMT expires Mon, 21 Nov 2022 14:25:07 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 89658 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8008	0 20 B	50ms 48ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bm9Yj_bSbYdb8GonX-gab_ojYCQAAAAA4AeAEAg&bg=!w8ClwITNAAZQLpa_UC47ACkAdvg8WoRZaLTggLhAChCzewr_G6RyOvPZd-8Tp6GIzimv-1-eH-yk0AIAAAB-UgAAABFoAQeZAtDG2okzCaMkv39VZD3Goe5U-pPzG5FJehtnAhDY6US7Sf5mfOrJ1GCZZYNJOLqM5GJzPwbTDTcrrrPfplh6pcp6KFbhJQfS5_FyigC776I6YFn15gvfzbbW_XC2nwX9hommokVfFKR3zCgNAVsSpjwxKxOb5cN_xCBhNb7bnuNG30qxNvthu7pihqsB_fzPOeD6ID80jgvIVe5zuuFcr8EbIAXG_IpVNolQyFZLqaZVRps_-JxTyxOWcc-hrA0tpgnp2XOt9zlgaH8Hl0s2yFWHVVBU_yjH7xVAywyCLuGzVYqluw51yNFmUdmlK62pjVxtCumDsO-bfZOyVLyxspnGFcCE8bUPloYO5_0vhqJymQVjgVwCujS7AVCjJeBOuAwD5OjKUjKhE9OUr_5NOqqrqUXe7lSnrSXEyPfe6gKlVNta0BiIf2RGlajNRh24GaJee4SutJMBoEJYX36kpzXcw0209y0rsGBjTBqlcGBkKbovJgzUTRSip8L38fOjjv7XZg_3tFTIgwsKun_hRyIlHZ0A8c-03bqY9SmERM-1Libiy0Dc2s81g6g7PkHhtSxDJ7rBp2goB78y0JH0OBbCuRIF7kieG8tgUnmdg0kVudpzqpgvolzGV7nr8RBXI-cJfwhDQIvR9sDrw1hN8nnLrNTP7EZRWeSmc_vaEZpRulIHDSnYDweNMOSHVjXoTV6u4Me5lE9_Ijs-75bZGjErZZjHGPQRVTIFG9p2DexRV26ITnvn3zRqZyuccbv9rJhKxwvS0NciaWCe1--mEb7odaXtefT1fJ4blIZ_pvcnILvFOGDcwPpViXvB1xri6me1JCZuF5-qa3EnDCtgXiYKKQ-XXTpZnSZyL0Nn5UvpC7eeJ2XpFWCUjsYFCgXYHL7v11Iq5xygmTM4UK75MvbCXb1Nrhi76dy-fYH6y_4cdocjC6gfmissSOEKEEjohBs Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response pagead2.googlesyndication.com/bg/ Frame 2E00	35 KB 13 KB	7ms 6ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 12:29:24 GMT content-encoding br x-content-type-options nosniff age 10201 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13476 x-xss-protection 0 last-modified Mon, 08 Nov 2021 11:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 22 Nov 2022 12:29:24 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 0AD0	0 0	46ms 46ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoPuUIm1Kqtx3OaRfubWKbHpMvkhj57xb252gz7ersntBEs73zUimy_An85xSycNNi5yH8qsI9MCc0AioEEvLx5J7t__pilJs-DLhUlbzlHopTrSsoqhV0EPE-DKFc9mXKbOX-Wxlq7B3eiY2xkcac1q23E3nDUVJIMkND4oy_H-JwyEDn2oHcJoaliCgd7Qa_RS4X9_mmWo96yJxNr5SphAEOnftCuxIiwQvA5SBYda59lx8Eu-E2mwdEkKIRRoBPGLiukxOTAAGkjsL86L_EnkzoyfbUk8s8DxZpiioFy1jDSQBSxYB5MiI-Ai7JMUqv&sig=Cg0ArKJSzBp4MZ8O26KbEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Mon, 22 Nov 2021 15:19:25 GMT
GET DATA	200 OK	truncated / Frame 0AD0	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 33b47a21cf5801060422867964923137e490f17ace447d367cb20a9f963cf4e8 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2E00	0 20 B	49ms 48ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuW_B_LSbYebQOJqP3gO_mo2gAQAAAAA4AeAEAg&bg=!d3SldDDNAAZQLpa_UC47ACkAdvg8WpnE374eDB4tnitp80SNNXWU8G7F6w5wCGYnQgk42yHAaL73LwIAAABvUgAAAAtoAQeZAqyEqexanpN75Q9tL1hRXZem079KrqL9NaM2v3iUrYtdBj9UY6kTdHgejtIcG9x2dtkZsCIMld6YUigozjpP3PeUYdqbUdgi8WClYFjK1MLXw21f5sp0IHX3HlisARSbTvY65vLV-bocrTcI-EW7MvGIlbKC6DZCFBWLEkk_VHWHWuMwfc9Dbmxm3v8GfN6-qwp-rhVNSwDv8963qT9RdKJKBU63Z-G9h2_jtk0W8gFP29AkNQTZCu8Kap2yqJBeAf36dp7urHWPYSy6iHIsNgQzYOs0Sn-R70N1SGywLC0J2y4Ejl9atboq5d7PEiByYXtk6XIt9q8M6Kl2J2LuuCvMR9QJZVqnBlcdO2GjZnh11YrQdDcbCDSOnzK-zGGsM4Ay_NBY1udeJnNfK7hB3T-T9TB3pcOfawqrefWXsSeQROwViv5v1be-Kwittv7aGIG5NMheiUmJtRHdHD2y_fng1WYwB_pZKGq3UVsAMybTroOVtyXtrziHH9x_ut5RNHDE5V9fcDgz4NuRfxkKdYRapMllaC-aIn7dmDfk-4pcEWLWx81AL66wJzqyEtlk2A5Q20eITSFSUBSzCKInTPrNTwzeXU5dubY0zyToLMlyYu7OL3mDisqlOcIUequLJDcxzf9IR2RQ2U9HsFeaO1lLpZ0j4Hea2tGIJU7haNe3KXO96-3zK9X3LVZH9uQM5-PvGMjWTtoR7rK3mA7Z20PJK84FFU0oW7h7IxfzC9R6NOSHVxwKhT8PJX7Me0oeySbMVOrZssq2UxFfXr5IpVpK7_02LrjH8sMiwgLNN0-yXE03SC60OLaV0lfqMxFgqjN_N1HCaUmrmfVSXJwH0cnh1SlSZvO5pWY-Zgkn3y2RI6UyiR7YrwnLpCc4rPbtI__jV8W8UbVN17fRboE Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame E4E6	0 0	48ms 47ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmpDWPBS5yCxHGrdzm-dmNG15u5VdpBRnvc76LUq5ERZ3AItCuhqBIJ8mvWKSSofNA_zpp-gNW5S5Tby-nYeOQOKvZc8e7fdG9GP74nQJ8mfgT_kM2gtHbPpStHI89_8dEWAMN-sGEJzvsSYLsTubvJg4iaXLBVyViBTfTnf2H3ZBLO98YwWB45ZgXw2ioSYJSCAOz3nIJQGVtM71ttXi_DrDnQfV_xI3jOUaBngzIXcdiIuynot4JFk_lcyWCqiMnzt1--hR61rruZVQkQdE6IR-R_yOyeuha5lJ2UIZd9Tg4APjyfyYAXi0BAx9KEcklgSkhRk8OAo3qrAzoweL4&sig=Cg0ArKJSzHtHu2r5Psg9EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.coindesk.com URL: https://www.coindesk.com/business/2021/11/10/electronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame E4E6	9 KB 4 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 14:23:00 GMT content-encoding gzip x-content-type-options nosniff age 3386 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4451 x-xss-protection 0 last-modified Thu, 21 Oct 2021 15:55:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Mon, 22 Nov 2021 15:23:00 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E4E6	119 KB 36 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 22 Nov 2021 15:19:26 GMT
GET H3	200	impl_v81.js Show response www.googletagservices.com/dcm/ Frame E4E6	41 KB 17 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v81.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:23:00 GMT content-encoding gzip x-content-type-options nosniff age 442586 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17189 x-xss-protection 0 last-modified Mon, 18 Oct 2021 20:08:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Nov 2022 12:23:00 GMT
GET H2	200	B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiID... Show response ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/ Frame D530	41 KB 22 KB	63ms 36ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v81.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash d327388eb41d8bc3470f1431bdbe1e335b9d59d3c0b029d5638132883c8aee92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Mon, 22 Nov 2021 15:19:26 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br server cafe content-length 21641 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame E4E6	0 0	45ms 44ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1Ln8rJLCl3VKdXkI2ZrXZvdCTj9-t6A6q0m_weBu7Wnad8lniITn1lIvM31cmAcIRR-GOzlM2ect0gPfpS1ohh5-GsziwJpI-q75Dupaic8As9BVTYr503HQvDTXjiPcFQV2f_8aa2ff03u_PPKWJWn9bkKW80ES4icmu3TdY_6SPSawDQgP_AsMJsEvSB2HLbvqeX_igsLHqzODPPigMcYYtJSpQnMFKfXNKAJwfetZw4rhkvS5SInmIT1ImQqzhuYTolE37Vi8tdDCr1LKMby_CsRGylPnMn-8LJczlONfXXg0ZE95R4ROhSkmRoqgjyE0K&sig=Cg0ArKJSzBclgUyWM5ByEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Mon, 22 Nov 2021 15:19:26 GMT
GET DATA	200 OK	truncated / Frame E4E6	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash af41d5ac42db49ebbf1d33ceb6d158f64815af37c8856b9ceba7fb4ba562ed11 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H3	200	ADA_EN1_300x250_ADA_EN1.gif s0.2mdn.net/9944765/ Frame D530	43 KB 43 KB	10ms 10ms	Image image/gif	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9944765/ADA_EN1_300x250_ADA_EN1.gif Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7effa6f67618051a0ad3dee09c6bf0065eccde40c86414c83cecbcada2f04f53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 02:58:59 GMT x-content-type-options nosniff age 44427 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44444 x-xss-protection 0 last-modified Tue, 19 Oct 2021 09:55:57 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 Nov 2021 02:58:59 GMT
GET H3	200	sodar_loader.js Show response pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/ Frame D530	10 KB 4 KB	9ms 8ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/sodar_loader.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 806b4ea1a35d9a0327df2f3423b2792713d96cf9b2cafd5b3e0bc0b624eaaffa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 21 Nov 2021 20:02:45 GMT content-encoding gzip x-content-type-options nosniff age 69401 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4150 x-xss-protection 0 server cafe etag 7197913981456707621 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 05 Dec 2021 20:02:45 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame D530	8 KB 3 KB	7ms 7ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:16:56 GMT content-encoding gzip x-content-type-options nosniff age 150 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3140 x-xss-protection 0 server cafe etag 17163059639670574047 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 06 Dec 2021 15:16:56 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D530	119 KB 36 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 22 Nov 2021 15:19:26 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D530	0 23 B	48ms 48ms	Ping image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYwX76cnehchpTOGXgdUuceBcCU2xRox2B5NZircZwJPyLyto5ecBfKmcpqqBBQTJKkM4-SJcz3sSwf5pdbsLpM9AhOgT5VJra3AHCVy1hIySFYQLVoJ6lzPVTzwKUHcKi0MDBif1BJ8EY4hNphzjw225c8qWADhUEh8T2UCEioDd5ujY&sig=Cg0ArKJSzA2yG_ILDUyWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.12262&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame D530	41 KB 15 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:49:55 GMT content-encoding gzip x-content-type-options nosniff age 422971 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 17 Nov 2022 17:49:55 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D530	0 23 B	49ms 48ms	Ping image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYwX76cnehchpTOGXgdUuceBcCU2xRox2B5NZircZwJPyLyto5ecBfKmcpqqBBQTJKkM4-SJcz3sSwf5pdbsLpM9AhOgT5VJra3AHCVy1hIySFYQLVoJ6lzPVTzwKUHcKi0MDBif1BJ8EY4hNphzjw225c8qWADhUEh8T2UCEioDd5ujY&sig=Cg0ArKJSzA2yG_ILDUyWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=9&vt=11&dtpt=8&dett=2&cstd=0&cisv=r20211111.12262&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adi/N1224350.1920962COINDESK.COM/B24653495.311737493;dc_ver=81.235;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1575238846;ord=qjnfx8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstCB7yvDxkyHqaW2EbiIDpSwf3QXYWzo0a68a8HTyN3dsnVKTg2K4ziJ0Fl9M5BXxdQn5p8Al5pyGUnkon52HIgQZ4eyoUFL8X6CpRHPxJu4ZL8U9LIYsjnBRLbHKWMWpOY165XnsYWZ2sxBX2roFWeKRAB1DLX77ZHdgr6wMerGb7oOjG0JEF2IlfFZcLKxX-8iZPKCBXBjSkH6m0h8Cldfk69Wm3UpTZ2dpaUgMeaAAbU_G0fvb12vEx0IUbDex8khchw5GxpcAburLFM9YLlffaI0qlpHYojA7ounMHTpBw1qflF2L5g68yeWrrl6A%26sig%3DCg0ArKJSzExL8dllIRHeEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.coindesk.com%2Fbusiness%2F2021%2F11%2F10%2Felectronics-retailer-mediamarkt-hit-by-ransomware-demand-for-50m-bitcoin-payment-report%2F$0;xdt=0;crlt=CWBl6z*(dF;sttr=18;prcl=s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ad.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame D530	6 KB 5 KB	19ms 18ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/sodar_loader.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 178ab187b9e7627d2a9a65a1264bee64bdbe0e707d8c1d5000aab2bebc5fc320 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Mon, 22 Nov 2021 15:19:26 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5068 x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 5243	22 KB 8 KB	8ms 7ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Sun, 21 Nov 2021 14:25:07 GMT expires Mon, 21 Nov 2022 14:25:07 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 89659 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame D530	17 KB 6 KB	76ms 76ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/xfa/sodar_loader.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 15:19:26 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Mon, 22 Nov 2021 15:19:26 GMT
GET H3	200	Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response pagead2.googlesyndication.com/bg/ Frame 5243	35 KB 13 KB	6ms 6ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 12:29:24 GMT content-encoding br x-content-type-options nosniff age 10202 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13476 x-xss-protection 0 last-modified Mon, 08 Nov 2021 11:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 22 Nov 2022 12:29:24 GMT
GET H3	200	Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response pagead2.googlesyndication.com/bg/ Frame 34CE	35 KB 13 KB	8ms 8ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 12:29:24 GMT content-encoding br x-content-type-options nosniff age 10202 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13476 x-xss-protection 0 last-modified Mon, 08 Nov 2021 11:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 22 Nov 2022 12:29:24 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F081	42 B 64 B	63ms 62ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOBC-dUWL7lT-p97F6tab9VLyM6am5An8oVHE4IDHRxX9KqUvrtLQp3JBSc60RhZaTSwcurtgDwB9Y_eauNDwzMypv70dV11-thms6NaZ0oK76K8xIbQ&sai=AMfl-YTqtjUZUIq8sYi5hd29dFzjgM3rZEK14n5h7iCyRUrRzGC2XgW1yX1bd4Y75sCm2VLDJd-Ok8XKIGNiyN_9bskPh-B8VeytoR-w_1SQR8Dr2ahRe9rPKAq4d2o&sig=Cg0ArKJSzGqbEYpcvTedEAE&cid=CAASEuRoyvQzBf0tH5kOoTzmDiozeA&id=lidar2&mcvt=1011&p=1110,436,1200,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1463828987&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637594365360&rpt=209&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://9f30c3bb4a527a8dd3bdb78449b7da17.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5243	0 20 B	45ms 45ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAkF6_rSbYZu9E-LC7_UP1M69mA8AAAAAOAHgBAI&bg=!ODulO3_NAAZQLpa_UC47ACkAdvg8WhX0jGvpJHHmMRZvkIBWRPsqaFuSi_V6rdLwuyYM3vrrcYcEMwIAAAB_UgAAABNoAQeZAr-t-EjObzyI_y_aO0Oa1i15kXJG3-eqdLWoYoUVf2DW5Ap2WWy1a9I0wYwmUihGj_Q4vCGcOl86Tg-XgURUubZu28CPIjIrs9zp-JPt1h5CLZiy6_nvs_gX6REohUIQtoLrEaSYU7GyMD3rGq4AJKVbFNkOdxxJ1lQTBsN5X1me4gRFTt5bKxIV0L5_FvcKTeiVE1if_fwLBRrL6ZG2tTTaqSjzWw1W-WZmY80zDZ_mwmsDgvrVj2_oq94IEBkCz8oMy2Y9AojFWGMeP2knTG5UxxFe_WkIkHzOzY--I0ZINfnRRe05VJeiehLXVe3JQdxUaNQUtASPtLwx5SP8wEkJ0UdRWz3mdKTPEqiAOgT1_whF1t5irLoEgEEWUvmK_9B_VTsLNlKVHKB69CjykFQn5p-OJCkxnQeFBLF-GF9VJI3Ug5aMqarou8RnU8h5xAdIv5ibMBjkeXenKu_WJhJrvBWL1uVN8Casc7sjH4MGww2QuAYrE6MQsEfPpSuwpUQ7pFNi-8tGqDf3BxhojsTFGw_ChCmFyv3HT6FlWY7Iw1NNQm6XuUIXpWVBX1nwakZP0NEXxFtp8O04Qw4yzSHloIY74t4wAma6qTYGk-23P9hIB8sOhiiQUirBb0ejkqmYM3cSVYtTMVutnkoE27q0DFH_Xq9RU3-rFAIkNxIMAntGZxkyvKxAlGlLVxeNnMkHd8MS9JywF5js3knbNsCeYLes3MmvTbjCMkG2e50luZAvKwaySIQebdLQG0S4eCyXYnqyo_ivoqY7ZjL4Ntq25Qo4svf19eL9lnzQlz5o1EABWFNWM7K5Tny3wbceUuUdbvo3UKBc-UcjGODOj4IR6wWDi8oC662VaW2O9tZKEGNg5Fkdbc-oL0-oyOkq5YCAXszPM1GV0cc_azmwI9Q2IQpbzNwFhXgDp235hCxK Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0AD0	42 B 64 B	46ms 46ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbhXQPfz6lv_mTa1iSHfnQMgT165aJCWEfuDnosqcC7w6144Ibkx_LIRN6Mz2ohgGxKlzftD6JXXTyjQD9lHcZzWBeZv5wLTe2sJ-S-DV0stJB7f0Uq3I6MDTxczn4sXiYjDJaGL4RkcQUkAqLEBapnmCPRqVOdfX9divzcVP7gaVraT3DLSi3&sig=Cg0ArKJSzJOPFeQ5W5INEAE&id=lidar2&mcvt=1000&p=975,242,1225,1212&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0.9&app=0&itpl=19&adk=2742033276&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637594365794&rpt=109&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E4E6	42 B 64 B	46ms 46ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUX_ub4JxbDgPqRXTlXPqk7QDgTYPR7VWZ9n7gv_eUFA487VMDQI7q3n2RPJNvThPzaWn3qnHQxmeXliptA0xBg4tkaKedGGwyJXaLJQkjux6torzR&sig=Cg0ArKJSzPaxnzcEIoMXEAE&id=lidar2&mcvt=1000&p=315,1236,565,1536&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1003885369&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637594366235&rpt=77&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.coindesk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D530	42 B 64 B	45ms 45ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiKC1WQXoc9Svenxp8YkMHmngXdKFUpy4WSr03hIBAAZX2t68mmFGk--pnlhFgP8IRL0M4NRApeXR2cajV3xQcygYWIqEFAmM&sig=Cg0ArKJSzI62YLNTHWOxEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=33&adk=1575238846&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637594366278&rpt=131&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ad.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Mon, 22 Nov 2021 15:19:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT