www.thelocal.de Open in urlscan Pro
34.120.119.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Submission: On March 19 via api (March 19th 2021, 3:08:37 pm UTC) from DE

Summary HTTP 379 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 77 IPs in 9 countries across 65 domains to perform 379 HTTP transactions. The main IP is 34.120.119.48, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.thelocal.de.
TLS certificate: Issued by GTS CA 1D2 on February 27th 2021. Valid for: 3 months.

This is the only time www.thelocal.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 53	34.120.119.48 34.120.119.48	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	54.204.17.60 54.204.17.60	14618 (AMAZON-AES) (AMAZON-AES)
2	52.216.92.29 52.216.92.29	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.24.141 184.30.24.141	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 1	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
4	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	2600:9000:218... 2600:9000:2182:1e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:ce18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f00a:e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:710... 2a02:26f0:7100:191::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:211... 2600:9000:211e:5800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
14	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1 1	3.10.77.94 3.10.77.94	16509 (AMAZON-02) (AMAZON-02)
16	152.195.39.46 152.195.39.46	15133 (EDGECAST) (EDGECAST)
4 22	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a03:2880:f10... 2a03:2880:f10a:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	3.130.124.204 3.130.124.204	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	18.215.29.8 18.215.29.8	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	18.200.192.108 18.200.192.108	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f00... 2a03:2880:f00a:2:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	54.81.163.28 54.81.163.28	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
7	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e4:... 2606:4700:e4::ac40:a002	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	52.3.188.134 52.3.188.134	14618 (AMAZON-AES) (AMAZON-AES)
2	3.226.154.220 3.226.154.220	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:170... 2a02:26f0:1700:59a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
4	35.244.146.207 35.244.146.207	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	13.225.74.50 13.225.74.50	16509 (AMAZON-02) (AMAZON-02)
4 17	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 11	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
4	104.16.88.26 104.16.88.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	208.100.17.184 208.100.17.184	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	104.16.39.14 104.16.39.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.30.24.185 184.30.24.185	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.226.158.204 13.226.158.204	16509 (AMAZON-02) (AMAZON-02)
2	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
3	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
1 1	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2 3	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
7 9	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
3 4	52.57.230.211 52.57.230.211	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
5 5	54.228.192.197 54.228.192.197	16509 (AMAZON-02) (AMAZON-02)
1 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.158.22.14 18.158.22.14	16509 (AMAZON-02) (AMAZON-02)
2 5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.75.146.200 51.75.146.200	16276 (OVH) (OVH)
1 1	139.162.84.221 139.162.84.221	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
16	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
379	77

53 34.120.119.48 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 48.119.120.34.bc.googleusercontent.com

www.thelocal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itp.thelocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.17.60 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pixel.watch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.92.29 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.141 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-141.deploy.static.akamaitechnologies.com

d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:1e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:ce18 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00a:e:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:191::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.77.94 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

route.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 152.195.39.46 (United States)

ASN15133 (EDGECAST, US)

cdata.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inimage.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:f015 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f10a:83:face:b00c:0:25de (United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.130.124.204 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-124-204.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.29.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-29-8.compute-1.amazonaws.com

logging.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.200.192.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-192-108.eu-west-1.compute.amazonaws.com

ingestion.contentinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f00a:2:face:b00c:0:8c (United States)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.81.163.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-163-28.compute-1.amazonaws.com

content.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a002 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.3.188.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-188-134.compute-1.amazonaws.com

analytics.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.154.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

xtr.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:59a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

vast.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.146.207 (Kansas City, United States)

ASN15169 (GOOGLE, US)

apiwp.thelocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.225.74.50 (United States)

ASN16509 (AMAZON-02, US)

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

carambola-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.52.2.48 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.184 (United States)

ASN32748 (STEADFAST, US)

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.39.14 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-185.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.110.21 (United States)

ASN32748 (STEADFAST, US)

sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.100.17.181 (United States)

ASN32748 (STEADFAST, US)

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.69 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.253 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.71.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.182.76 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.230.211 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.228.192.197 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.22.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.146.200 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	thelocal.de 1 redirects www.thelocal.de	1010 KB
36	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com images.taboola.com	409 KB
34	carambo.la 1 redirects route.carambo.la cdata.carambo.la logging.carambo.la inimage.carambo.la content.carambo.la analytics.carambo.la xtr.carambo.la media.carambo.la	420 KB
23	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com id.tinypass.com api.tinypass.com api-v3.tinypass.com	521 KB
23	googleapis.com storage.googleapis.com fonts.googleapis.com imasdk.googleapis.com	741 KB
22	piano.io 4 redirects api-esp.piano.io	122 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com	398 KB
19	openx.net 5 redirects carambola-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	52 KB
19	doubleclick.net 7 redirects securepubads.g.doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	363 KB
18	google.com news.google.com play.google.com adservice.google.com www.google.com	69 KB
16	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	255 KB
11	lijit.com 1 redirects ap.lijit.com ce.lijit.com	73 KB
10	adlightning.com tagan.adlightning.com	168 KB
8	tynt.com cdn.tynt.com sc.tynt.com ic.tynt.com de.tynt.com	16 KB
8	google-analytics.com www.google-analytics.com	57 KB
6	33across.com cdn-sic.33across.com sic.33across.com	265 KB
6	adpushup.com cdn.adpushup.com e3.adpushup.com	220 KB
5	bidr.io 5 redirects match.prod.bidr.io	3 KB
5	thelocal.com apiwp.thelocal.com itp.thelocal.com	998 KB
5	facebook.com 1 redirects www.facebook.com	786 B
4	bidswitch.net 3 redirects x.bidswitch.net	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com	68 KB
4	adnxs.com acdn.adnxs.com ib.adnxs.com	62 KB
4	googletagmanager.com www.googletagmanager.com	192 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	googlesyndication.com pagead2.googlesyndication.com	37 KB
3	aniview.com vast.aniview.com	747 B
3	contentinsights.com ingestion.contentinsights.com	264 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	facebook.net connect.facebook.net	162 KB
2	id5-sync.com 2 redirects id5-sync.com	3 KB
2	contextweb.com 1 redirects bh.contextweb.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	smartadserver.com rtb-csync.smartadserver.com	896 B
2	pubmatic.com 1 redirects image2.pubmatic.com simage2.pubmatic.com	2 KB
2	avct.cloud 2 redirects ads.avct.cloud	888 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	adform.net 2 redirects c1.adform.net	639 B
2	fouanalytics.com api.fouanalytics.com	1001 B
2	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	9 KB
2	consensu.org quantcast.mgr.consensu.org	79 KB
2	amazonaws.com s3.amazonaws.com	4 KB
2	pixel.watch 2 redirects pixel.watch	644 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com	31 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	525 B
1	emxdgt.com e1.emxdgt.com	59 B
1	adkernel.com dsp.adkernel.com	233 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	780 B
1	yahoo.com pr-bh.ybp.yahoo.com	840 B
1	turn.com 1 redirects ad.turn.com	441 B
1	mathtag.com 1 redirects sync.mathtag.com	598 B
1	google.de www.google.de	107 B
1	2mdn.net s0.2mdn.net	17 KB
1	twitter.com analytics.twitter.com	285 B
1	atdmt.com cx.atdmt.com	827 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	t.co t.co	170 B
1	quantcount.com rules.quantcount.com	356 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	npttech.com www.npttech.com	3 KB
1	rackcdn.com d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	6 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
379	65

	Domain	Requested by
53	www.thelocal.de	1 redirects www.thelocal.de
22	api-esp.piano.io	4 redirects cdn.tinypass.com www.thelocal.de api-esp.piano.io
17	fonts.googleapis.com	www.thelocal.de buy.tinypass.com api-esp.piano.io route.carambo.la
16	images.taboola.com	www.thelocal.de
16	fonts.gstatic.com	fonts.googleapis.com news.google.com
15	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
11	capi.connatix.com	cd.connatix.com
10	tagan.adlightning.com	route.carambo.la
10	analytics.carambo.la	route.carambo.la
9	cm.g.doubleclick.net	7 redirects eu-u.openx.net
9	ap.lijit.com	route.carambo.la tagan.adlightning.com
8	cdn.taboola.com	www.thelocal.de cdn.taboola.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.thelocal.de
7	eu-u.openx.net	2 redirects tagan.adlightning.com eu-u.openx.net
7	media.carambo.la	www.thelocal.de
7	play.google.com	www.gstatic.com
7	news.google.com	cdn.tinypass.com news.google.com www.gstatic.com
7	cdata.carambo.la	www.thelocal.de route.carambo.la
6	carambola-d.openx.net	2 redirects route.carambo.la
6	www.gstatic.com	news.google.com www.gstatic.com
6	securepubads.g.doubleclick.net	www.thelocal.de securepubads.g.doubleclick.net tagan.adlightning.com
5	trc.taboola.com	cdn.taboola.com
5	match.prod.bidr.io	5 redirects
5	www.facebook.com	1 redirects www.thelocal.de connect.facebook.net
4	sync.taboola.com	2 redirects
4	x.bidswitch.net	3 redirects
4	us-u.openx.net	eu-u.openx.net
4	c.amazon-adsystem.com	tagan.adlightning.com c.amazon-adsystem.com
4	cdn-sic.33across.com	tagan.adlightning.com
4	apiwp.thelocal.com	api-esp.piano.io
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	content.carambo.la	route.carambo.la
4	e3.adpushup.com	cdn.adpushup.com www.thelocal.de
4	www.googletagmanager.com	www.thelocal.de www.googletagmanager.com
3	match.adsrvr.org	2 redirects eu-u.openx.net
3	de.tynt.com	cdn.tynt.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	adservice.google.com	imasdk.googleapis.com
3	pagead2.googlesyndication.com	srcdoc
3	vast.aniview.com	cd.connatix.com
3	ingestion.contentinsights.com	www.thelocal.de
3	connect.facebook.net	www.thelocal.de connect.facebook.net
2	id5-sync.com	2 redirects
2	ce.lijit.com	1 redirects
2	ib.adnxs.com
2	bh.contextweb.com	1 redirects
2	rtb.mfadsrvr.com	2 redirects
2	rtb-csync.smartadserver.com	eu-u.openx.net
2	ads.avct.cloud	2 redirects
2	pm.w55c.net	2 redirects
2	rtb.openx.net	1 redirects eu-u.openx.net
2	c1.adform.net	2 redirects
2	sic.33across.com	tagan.adlightning.com
2	acdn.adnxs.com	tagan.adlightning.com
2	sc.tynt.com	tagan.adlightning.com
2	cdn.tynt.com	tagan.adlightning.com
2	xtr.carambo.la	route.carambo.la
2	api.fouanalytics.com	route.carambo.la
2	api.tinypass.com	buy.tinypass.com
2	inimage.carambo.la	route.carambo.la
2	cdn.adpushup.com	www.thelocal.de cdn.adpushup.com
2	px.ads.linkedin.com	1 redirects www.thelocal.de
2	quantcast.mgr.consensu.org	www.thelocal.de quantcast.mgr.consensu.org
2	cds.connatix.com	www.thelocal.de cd.connatix.com
2	cdn.tinypass.com	www.thelocal.de experience.tinypass.com
2	s3.amazonaws.com	www.thelocal.de
2	pixel.watch	2 redirects
2	experience.tinypass.com	www.thelocal.de cdn.tinypass.com
2	stackpath.bootstrapcdn.com	www.thelocal.de
2	storage.googleapis.com	www.thelocal.de
1	cds.taboola.com
1	bttrack.com
1	s.c.appier.net	1 redirects
1	sync-t1.taboola.com
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	dsp.adkernel.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com	1 redirects
1	match.taboola.com
1	image2.pubmatic.com	1 redirects
1	pr-bh.ybp.yahoo.com	eu-u.openx.net
1	ad.turn.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.google.de
1	www.google.com
1	ic.tynt.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	itp.thelocal.com	cdn.tinypass.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	s0.2mdn.net	imasdk.googleapis.com
1	analytics.twitter.com	static.ads-twitter.com
1	img.connatix.com	www.thelocal.de
1	vid.connatix.com	cd.connatix.com
1	cx.atdmt.com	www.thelocal.de
1	logging.carambo.la	route.carambo.la
1	cdn.jsdelivr.net	cdn.adpushup.com
1	id.tinypass.com	cdn.tinypass.com
1	route.carambo.la	1 redirects
1	t.co	www.thelocal.de
1	www.linkedin.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	snap.licdn.com	www.thelocal.de
1	static.ads-twitter.com	www.thelocal.de
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	www.npttech.com	www.thelocal.de
1	cd.connatix.com	1 redirects
1	d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	www.thelocal.de
1	cdnjs.cloudflare.com	www.thelocal.de
379	110

This site contains links to these domains. Also see Links.

Domain
www.thelocal.com
www.thelocal.at
www.thelocal.dk
www.thelocal.fr
www.thelocal.it
www.thelocal.no
www.thelocal.es
www.thelocal.se
www.thelocal.ch
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
itunes.apple.com
play.google.com
feeds.thelocal.com
www.sueddeutsche.de
www.zeit.de
www.reuters.com
www.nytimes.com
popup.taboola.com
ugxvd.com
cofully.com
gameofglam.com
trendscatchers.de
rfvtgb.restwow.com
rfvtgb.novelodge.com
rfvtgb.xfreehub.com
odkpe.com
www.toytowngermany.com
jobs.thelocal.com

Subject Issuer	Validity	Valid
www.thelocal.de GTS CA 1D2	`2021-02-27` - `2021-05-28`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.carambo.la DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-07`	a year	crt.sh
*.adpushup.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-27` - `2022-08-29`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
*.news.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.contentinsights.com Go Daddy Secure Certificate Authority - G2	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-01-29` - `2021-04-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
apiwp.thelocal.com GTS CA 1D2	`2021-02-22` - `2021-05-23`	3 months	crt.sh
itp.thelocal.com Cloudflare Inc ECC CA-3	`2020-08-24` - `2021-08-24`	a year	crt.sh
*.adlightning.com Amazon	`2020-07-22` - `2021-08-22`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh

This page contains 29 frames:

Primary Page: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Frame ID: 8BB317F6B8A573758A0CA22270C891A1
Requests: 214 HTTP requests in this frame

Frame: https://cds.connatix.com/p/108993/connatix.player.dc.js
Frame ID: 37E07BF76180B02295B779E143F6DEE8
Requests: 21 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf
Frame ID: ADAF1F9454BE9B449342EDADFDF28FA7
Requests: 11 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794
Frame ID: 533E865574E71CF942F0A7C11E6940ED
Requests: 9 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448935
Frame ID: 54AB2AE01E94611A080A9ECD888A43F3
Requests: 14 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d
Frame ID: 8BCD4EF453E08C9A1AD699AEBD1E900C
Requests: 10 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/bekose/162?wv=97&v=vd.1.60.5-785b23d
Frame ID: 5C7619B964801592910E5E4090787AF0
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: FC241CFF8F93E2F6254C91AA1F2BB6EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 46448A1FECCE4A296DDA64EB2CE78762
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/carambola/blacklist_script.js
Frame ID: 3492092F570913947558BC764204C738
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/carambola/blacklist_script.js
Frame ID: 782CA365902C45798248D85EB0E1D9C2
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/carambola/blacklist_script.js
Frame ID: 99B68DDBB62371D5F63A748E96812C79
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/carambola/blacklist_script.js
Frame ID: 21134F53E63747BA53DF328EE43C8481
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/carambola/blacklist_script.js
Frame ID: DCFCD853FC0A912FE0EE2C91BC237257
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: F6112C3F20B2349FD6603A45FC699D65
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 0C1F9D723781BA008A8A6FDF26A99277
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D71BF8F486B22FE878678B828E464B8F
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Frame ID: B5B6743D5CB1F0EF8620E0EABBD07107
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Frame ID: CF66E406769F4B88944B8BE4BA81A970
Requests: 7 HTTP requests in this frame

Frame: https://cdn.tynt.com/siab.js
Frame ID: 0B617D1913038984329315DFC9DF543A
Requests: 5 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?5GRBWCodaF&_ADTIME_&z=423415&width=300&height=250
Frame ID: 62333FB2C74AA380965ED512C4A133CC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: E2B41AC275ADF8C90EC2D2D463801BD8
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: A0AC98DB3C5E9D48927B0C6A24C4BEE4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 38D12E986245E84197743552B02C2910
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483&tbid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&query=taboola_hm%3Dc661adab-15b4-447d-ad39-fb727d3d0483&isDirect=0
Frame ID: ADD08888B35138B1BECF1422413DDF42
Requests: 19 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 1C2CFA4A857DC1F1B1BAEEDC758DBDB1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BAFB9278DBD6D898DD21D985E262F6FC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 0B2883D9A994595937A8F5EBB5D92939
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EDE02581020525A45BD30EE1D1CE45D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies Page URL
https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies HTTP 301
https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

379
Requests

99 %
HTTPS

38 %
IPv6

65
Domains

110
Subdomains

77
IPs

9
Countries

6839 kB
Transfer

17163 kB
Size

25
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thelocal.com/
Title: Europe ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.at/
Title: Austria ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.dk/
Title: Denmark ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.fr/
Title: France ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.it/
Title: Italy ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.no/
Title: Norway ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.es/
Title: Spain ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.se/
Title: Sweden ·

Search URL Search Domain Scan URL

URL: https://www.thelocal.ch/
Title: Switzerland

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheLocalGermany
Title: Our Facebook page

Search URL Search Domain Scan URL

URL: https://twitter.com/TheLocalGermany
Title: Our Twitter feed

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thelocalgermany
Title: Our Instagram page

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thelocaleurope/
Title: Our LinkedIn page

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/the-local/id1078564301?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thelocal.app
Title:

Search URL Search Domain Scan URL

URL: http://www.thelocal.at/
Title: Austria

Search URL Search Domain Scan URL

URL: http://www.thelocal.com/
Title: Europe

Search URL Search Domain Scan URL

URL: http://www.thelocal.no/
Title: Norway

Search URL Search Domain Scan URL

URL: http://www.thelocal.se/
Title: Sweden

Search URL Search Domain Scan URL

URL: http://www.thelocal.dk/
Title: Denmark

Search URL Search Domain Scan URL

URL: http://www.thelocal.fr/
Title: France

Search URL Search Domain Scan URL

URL: http://www.thelocal.it/
Title: Italy

Search URL Search Domain Scan URL

URL: http://www.thelocal.es/
Title: Spain

Search URL Search Domain Scan URL

URL: http://www.thelocal.ch/
Title: Switzerland

Search URL Search Domain Scan URL

URL: https://feeds.thelocal.com/rss/de
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/thelocalgermany
Title: @thelocalgermany

Search URL Search Domain Scan URL

URL: http://www.sueddeutsche.de/politik/einflussnahme-auf-politiker-wie-chinesische-agenten-den-bundestag-ausspionieren-1.4042673
Title: report

Search URL Search Domain Scan URL

URL: https://www.zeit.de/politik/deutschland/2018-02/spionage-bundeskriminalamt-deutschland-martina-renner-propaganda
Title: report

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/deutschland-china-geheimdienst-idDEKBN1E80V0
Title: told

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2018/06/06/world/asia/china-guangzhou-consulate-sonic-attack.html
Title: reports

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=thelocal-de&utm_medium=referral&utm_content=thumbnails-a-new:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: http://ugxvd.com/cid/6ee8ff43-6c08-49bd-8b60-7587a6edbed1?campaignid=7025658&platform=Desktop&campaignitemid=2974951721&site=thelocal-de&clickid=GiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDlok0o7IGd9P3B2JNe&timestamp=2021-03-19+15%3A08%3A19&thumbnail=http%3A%2F%2Fugxvd.com%2Fcontent%2F8fa17eae-65d2-4a2e-8c00-2f3c96343726.jpg&title=Zahn%C3%A4rzte+machtlos%3A+So+wenig+kosten+Zahnimplantate+in+Crissier+wirklich#tblciGiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDlok0o7IGd9P3B2JNe
Title: Zahnimplantate | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://cofully.com/tb/cbd-gummis-ch/sarah01/?utm_campaign=8031825&utm_content=2969690923&utm_medium=Desktop&utm_source=thelocal-de&site_domain=thelocal.de&site_id=1034114&click_id=GiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDj6kUolt7DusmYoLVS&tblci=GiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDj6kUolt7DusmYoLVS#tblciGiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDj6kUolt7DusmYoLVS
Title: Sarah's Blessing

Search URL Search Domain Scan URL

URL: https://gameofglam.com/das-nettovermogen-der-prominenten/?utm_source=taboola&utm_medium=thelocal-de&utm_campaign=9195764&utm_term=Silvia+Wollny+wirkliches+Verm%C3%B6gen+hat+uns+bis+in+Mark+und+Bein+ersch%C3%BCttert&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fbd53bebd59eddb6c512e006d9375eb9a.jpg&ts=2021-03-19+15%3A08%3A19&tbv=0.11&pcl=1
Title: Game Of Glam

Search URL Search Domain Scan URL

URL: https://trendscatchers.de/index.php/2021/03/02/sie-bringt-vierlinge-zur-welt-doch-dann-sehen-die-arzte-die-gesichter-der-babys/?utm_source=tab-9039031&utm_medium=1034114
Title: Trendscatchers

Search URL Search Domain Scan URL

URL: https://rfvtgb.restwow.com/worldwide/celebc-ta-ge?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-rw-celebc-s-des-3s-ag-04031d&utm_term=thelocal-de&utm_bid=UGa7-feZMN3waxiX1n9OHeEo9nlJSmDa7V8GcOKYK5I=
Title: Rest Wow

Search URL Search Domain Scan URL

URL: https://rfvtgb.novelodge.com/worldwide/forgot-ta-ge?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-nl-forg8t-s-des-3s-ag-16031d&utm_term=thelocal-de&utm_bid=ofOnS5Re-gwD20WSgxTlU-Eo9nlJSmDa7V8GcOKYK5I=
Title: Novelodge

Search URL Search Domain Scan URL

URL: https://rfvtgb.xfreehub.com/worldwide/weight-ta-ge?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-xf-weight-s-des-3s-da-17031d&utm_term=thelocal-de&utm_bid=yNsCjkA72NqAI6zoEseDc-Eo9nlJSmDa7V8GcOKYK5I=
Title: Free Hub

Search URL Search Domain Scan URL

URL: http://odkpe.com/cid/848fe6e7-e23d-4022-b3fd-1911b233bce9?campaignid=8810378&platform=Desktop&campaignitemid=2973199438&site=thelocal-de&clickid=GiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDvrVMo19C0r-PZpdmyAQ&timestamp=2021-03-19+15%3A08%3A19&thumbnail=http%3A%2F%2Fodkpe.com%2Fcontent%2F938707d0-8210-41e3-b7dd-42a82672d526.png&title=Das+beste+Elektroauto+ist+unversch%C3%A4mt+g%C3%BCnstig#tblciGiC7A-PXQVvoNt7h0oQqdx6UveKok7ijb0YK7CMSG7c8HCDvrVMo19C0r-PZpdmyAQ
Title: Elektroauto | Gesponserte Links

Search URL Search Domain Scan URL

URL: http://www.toytowngermany.com/forum/topic/85863-/
Title: Recommended plumbers in Berlin

Search URL Search Domain Scan URL

URL: http://www.toytowngermany.com/forum/topic/138614-/
Title: Best liquors from Germany

Search URL Search Domain Scan URL

URL: http://www.toytowngermany.com/forum/topic/286553-/
Title: "Really good" Indian restaurants in Berlin

Search URL Search Domain Scan URL

URL: http://www.toytowngermany.com/forum/topic/162984-/
Title: English Speaking Jobs In Frankfurt

Search URL Search Domain Scan URL

URL: http://www.toytowngermany.com/forum/topic/42463-/
Title: German payslip abbreviations

Search URL Search Domain Scan URL

URL: https://www.toytowngermany.com/forum/
Title: View all discussions

Search URL Search Domain Scan URL

URL: https://jobs.thelocal.com/employers/
Title: Post a job ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies Page URL
https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies HTTP 301
https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://pixel.watch/3u2e HTTP 302
https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js

Request Chain 43

https://pixel.watch/msvm HTTP 302
https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js

Request Chain 59

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/108993/connatix.player.dc.js

Request Chain 87

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=201345&time=1616166493151&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D201345%26time%3D1616166493151%26url%3Dhttps%253A%252F%252Fwww.thelocal.de%252F20180706%252Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=201345&time=1616166493151&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&liSync=true

Request Chain 95

https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0 HTTP 302
https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/js/Carambola_layer_112.min.js

Request Chain 126

https://www.facebook.com/tr/?id=1765939700386961&ev=DEV%20COM%20offer%20shown&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&rl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&if=false&ts=1616166493767&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1616166493369.1032061824&it=1616166493174&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=6041142539726336493&f=AYwf8vKf9OskbwtdiM3BgxoYQVIhaZs79xKDK91nHu5SWIwo-OOHYdyA_-XGQueF_CoFFlXPaN10FqI364xf9Xp_&id=1765939700386961&l=3&v=0

Request Chain 234

https://api-esp.piano.io/-s/iz7eSngBrjsH5cgqB2-P HTTP 301
https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235752097.jpg

Request Chain 235

https://api-esp.piano.io/-s/wxkBSngBHgSt8voY9Wcq HTTP 301
https://apiwp.thelocal.com/wp-content/uploads/2021/03/Maskenpflicht.jpg

Request Chain 236

https://api-esp.piano.io/-s/9bVwSngBAxj7yXN9EJdL HTTP 301
https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235814521.jpg

Request Chain 237

https://api-esp.piano.io/-s/QUtwSngBDDgI0gS1ENFP HTTP 301
https://apiwp.thelocal.com/wp-content/uploads/2021/03/merkelspahn.jpg

Request Chain 288

https://carambola-d.openx.net/w/1.0/acj?ai=2561260d-08c6-443c-bfd7-ee9bb320809f&o=4220878153&callback=OX_4220878153&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747247&dims=1600x1200&adxy=275%2C6453&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=2561260d-08c6-443c-bfd7-ee9bb320809f&o=4220878153&callback=OX_4220878153&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747247&dims=1600x1200&adxy=275%2C6453&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1

Request Chain 289

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb

Request Chain 290

https://carambola-d.openx.net/w/1.0/acj?ai=4cf99859-8ca6-426c-bf62-9d7da01aae0c&o=4549886111&callback=OX_4549886111&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747245&dims=1600x1200&adxy=1070%2C1874&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=4cf99859-8ca6-426c-bf62-9d7da01aae0c&o=4549886111&callback=OX_4549886111&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747245&dims=1600x1200&adxy=1070%2C1874&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200&mt=1

Request Chain 291

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb

Request Chain 292

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ca86054-be62-4200-bf7e-53fb96aada9a

Request Chain 293

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1mewAoIyswTNNLAD0jaoD9Iy5wfNYrAOgWIlGVb9

Request Chain 294

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8227325059438948332

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAwMTU2MWEtNWZiMS02ODNkLTZhZDYtYmYzNmQyMWRiYmE1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAwMTU2MWEtNWZiMS02ODNkLTZhZDYtYmYzNmQyMWRiYmE1&google_tc=

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUfzYFaZkb7630RRNIA3mQ&google_cver=1

Request Chain 298

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2801290956954932617&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 299

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=UzgP7D9Aj7eZQqk4y-ZPfw==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 301

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CB6STQQG1LngJA5

Request Chain 302

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=355bdb0f-82b0-4192-a631-e1771acb9723&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=635df4fc-921a-4ad7-b2db-e115c09fb7f0

Request Chain 303

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRHRVN0FxWDBBQUJBNmJYaXNtdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDtU7AqX0AABA6bXismw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2&_bee_ppp=1 HTTP 303
https://rtb-csync.smartadserver.com/redir

Request Chain 326

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483&tbid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&query=taboola_hm%3Dc661adab-15b4-447d-ad39-fb727d3d0483&isDirect=0

Request Chain 327

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KMGFT04M-L-M4CY

Request Chain 328

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=wqtF8oaiSI4a&ev=1&orig=trc&pid=562107

Request Chain 330

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDgj4a8mb_UUjn2NpOgW-Rs&google_cver=1

Request Chain 332

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3

Request Chain 333

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6783188d-fbdc-46bd-ba69-157e3d3d6811

Request Chain 334

https://ce.lijit.com/merge?pid=42&3pid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&us_privacy=&gdpr=1&gdpr_consent=&dnr=1

Request Chain 339

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=bef8f873-75f4-4ee3-8033-1501df0fe8eb

Request Chain 340

https://id5-sync.com/s/464/9.gif?puid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&gdpr=1&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=1&gdpr_consent=

Request Chain 341

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cNZ7jTeVD0qfluHaZL5UYA

379 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 several-german-mps-sold-sensitive-information-to-chinese-spies Show response
www.thelocal.de/20180706/ 1 KB
1020 B 87ms
33ms Document
text/html 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 48.119.120.34.bc.googleusercontent.com
Software: shield /
Resource Hash: 85dae9d77e2f21dbdc0f81bb38e823c39c134fe2b4e1504d6910cd580775a7e1

Request headers

:method: GET
:authority: www.thelocal.de
:scheme: https
:path: /20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: shield
date: Fri, 19 Mar 2021 15:08:12 GMT
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-shield-request-id: 83e7507bb89c55321be6ac8aa321bbc8
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 shield-logo-mono-darktext.svg
storage.googleapis.com/ddos-shield.appspot.com/ 17 KB
17 KB 35ms
14ms Image
image/svg+xml 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/ddos-shield.appspot.com/shield-logo-mono-darktext.svg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:26:30 GMT
age: 2502
x-guploader-uploadid: ABg5-UxQ7PYestOVp7ARsQP2jb7PoMcm7VknBZzVJ2MXENPDCA9lVbwjQCbiv_chKDLHrPzZn9eEAAuPYV4yaGwbQxk
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16999
last-modified: Wed, 03 May 2017 14:59:11 GMT
server: UploadServer
etag: "c4bcfe67497b8506099dc81e603503a9"
x-goog-hash: crc32c=iokc6w==, md5=xLz+Z0l7hQYJncgeYDUDqQ==
x-goog-generation: 1493823552006363
cache-control: public, max-age=3600
x-goog-stored-content-length: 16999
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 19 Mar 2021 15:26:30 GMT

GET
H2 200 aes.js Show response
storage.googleapis.com/ddos-shield.appspot.com/ 30 KB
31 KB 28ms
7ms Script
application/javascript 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/ddos-shield.appspot.com/aes.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2448951b14fa6e553e0e6e0c95d66121c17113b6dc6218202691a058ecba5568

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:29:15 GMT
age: 2337
x-guploader-uploadid: ABg5-Uxf2VDwzVZ47p93pBP5u2QYgZg2DjlAgu67wRKBDQUdMboVAkPaAhR-X2WEapJYKKMO1DAooAWA-2GQS0VPb9k
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31222
last-modified: Thu, 09 Feb 2017 19:30:38 GMT
server: UploadServer
etag: "8410a6b57e57cac6cca54c330a67ac53"
x-goog-hash: crc32c=BMEHDA==, md5=hBCmtX5XysbMpUwzCmesUw==
x-goog-generation: 1486668638184337
cache-control: public, max-age=3600
x-goog-stored-content-length: 31222
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 19 Mar 2021 15:29:15 GMT

GET
H2

200

Primary Request / Show response
www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Redirect Chain

https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

120 KB
25 KB

200ms
200ms

Document
text/html

34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

cb843c08c69212bf54fe8ae575e8356e40288fa3bedabe27aedb2b5be98483dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.thelocal.de
:scheme: https
:path: /20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: STC=8e6fc3c13b4d4ce9da2b595fffd87299
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies

Response headers

server: shield
date: Fri, 19 Mar 2021 15:08:12 GMT
content-type: text/html; charset=UTF-8
content-length: 25559
strict-transport-security: max-age=2592000;
x-frame-options: SAMEORIGIN
set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/
link: <https://www.thelocal.de/wp-json/>; rel="https://api.w.org/" <https://www.thelocal.de/wp-json/wp/v2/posts/483457>; rel="alternate"; type="application/json" <https://www.thelocal.de/?p=483457>; rel=shortlink
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
content-language: en-GB
x-shield-request-id: 1581c5d3510cc24fda5e6f817ddba1a1
via: 1.1 google
alt-svc: clear

Redirect headers

server: shield
date: Fri, 19 Mar 2021 15:08:12 GMT
content-type: text/html; charset=UTF-8
content-length: 0
strict-transport-security: max-age=2592000;
x-frame-options: SAMEORIGIN
expires: Fri, 19 Mar 2021 16:08:12 GMT
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
x-redirect-by: WordPress
location: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
x-content-type-options: nosniff
content-language: en-GB
x-shield-request-id: 9c8afbbc521ea15b7acf0e1cb9efbedb
via: 1.1 google
alt-svc: clear

GET
H2 200 style.min.css
www.thelocal.de/wp-includes/css/dist/block-library/ 50 KB
8 KB 36ms
32ms Stylesheet
text/css 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 10cff3f07c75748d81b779ee5940c96b
alt-svc: clear
content-length: 7849
last-modified: Tue, 23 Feb 2021 10:16:28 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: text/css

GET
H2 200 related-posts-block-styles.min.css
www.thelocal.de/wp-content/plugins/elasticpress/dist/css/ 284 B
316 B 36ms
31ms Stylesheet
text/css 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.5.1

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 729c94a1a595610865dc07ca20aec3eb
alt-svc: clear
content-length: 167
last-modified: Sat, 02 Jan 2021 17:56:56 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: text/css

GET
H2 200 thelocal-public.css
www.thelocal.de/wp-content/plugins/thelocal/public/css/ 98 B
225 B 38ms
34ms Stylesheet
text/css 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/plugins/thelocal/public/css/thelocal-public.css?ver=1.0.0

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 6cccca1f8b6b8638b7f406453a06d2af
alt-svc: clear
content-length: 106
last-modified: Sat, 02 Jan 2021 16:40:06 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: text/css

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
18 KB 25ms
20ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 762033
cdn-cachedat: 2021-03-10 20:26:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b2950000312899b10000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5f80417fa483903970e2436aa0d781e5
cf-ray: 63279d642a4d3128-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 41ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:36:36 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
714 B 65ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%2C700&ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab88b3cf3ffa1ee64aecfc8eb25913843288e1785c2a03a2544ebc151c1972d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:39:39 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
859 B 49ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C600%2C700%2C900&ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d63e008cb5ad29a7c54c3571e7eb33a80bd98fb114a156b51c1037ebc83f7cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:32:23 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
449 B 41ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7df0952620e33552c48188cd5877e0c9661c4c0a05a6e87f41af2c9a320a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:35:06 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
768 B 49ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%2C400italic%2C700italic&ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbf396f6e3fdd00039ce9d2c3097e9b17aa25cf85c318378a212af7e292cbc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:32:30 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2 200 themify-icons.css
www.thelocal.de/wp-content/themes/thelocal/ 18 KB
3 KB 51ms
49ms Stylesheet
text/css 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/themify-icons.css?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

15fb44b7806997fbad22250512810480ee919d879688e666623d3ad0f7170306

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: e0461fe2565a702dbf4db04322d58c12
alt-svc: clear
content-length: 3057
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: text/css

GET
H2 200 owl.carousel.min.css
www.thelocal.de/wp-content/themes/thelocal/ 4 KB
1 KB 36ms
33ms Stylesheet
text/css 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/owl.carousel.min.css?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

038be8f45615031614e5af0403110e7397c99c0d6306201b880dc7de734325f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 28f83a182af16b2c70cafac31937e624
alt-svc: clear
content-length: 1143
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: text/css

GET
H2 200 style.css
www.thelocal.de/wp-content/themes/thelocal/ 109 KB
19 KB 37ms
34ms Stylesheet
text/css 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/style.css

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

996077d44196afe7261d71fbe86e9a888d988649e9cf6678b4798ebc5362f182

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: c6fd593fea392a17d717e50135ce0f66
alt-svc: clear
content-length: 19291
last-modified: Thu, 18 Mar 2021 13:28:39 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.thelocal.de/wp-includes/js/jquery/ 87 KB
30 KB 42ms
40ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: b0cbb4fc7080fd254d86bd90ac8dc8b6
alt-svc: clear
content-length: 30916
last-modified: Sat, 02 Jan 2021 16:40:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.thelocal.de/wp-includes/js/jquery/ 11 KB
4 KB 38ms
35ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 19cd8dcd534b41e1196b82ef839bacc1
alt-svc: clear
content-length: 4169
last-modified: Sat, 02 Jan 2021 16:40:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 thelocal-public.js Show response
www.thelocal.de/wp-content/plugins/thelocal/public/js/ 49 B
161 B 36ms
34ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/plugins/thelocal/public/js/thelocal-public.js?ver=1.0.0

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

04bce7219f39b12a9de15b40c1068ea0c83c4593bfb54bbe953e7543297fcd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:40:06 GMT
server: shield
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: c46d93a7b33443dbb7f1793979e34b8f
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: application/javascript
alt-svc: clear
content-length: 49

GET
H2 200 private-browsing.js Show response
www.thelocal.de/wp-content/themes/thelocal/js/ 2 KB
891 B 55ms
53ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/js/private-browsing.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

2ff8f5ddba2eda0f4362b1cd55e32b5018ebe37a054105c11258e8d9763685bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 775f80a76d27828ed2cfd10d79470c72
alt-svc: clear
content-length: 771
last-modified: Tue, 09 Mar 2021 08:11:18 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 5 KB
2 KB 49ms
25ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=lGr3ciYmC7

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cedb7b7f799a9a21e86620b15c12642d23a1bb731156f081570ce72fac29db82

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 912
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b2fd00004dd67814a000000001
x-request-id: Ccc18qqhp66
wn: prod-exp-10-200-139-48
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 63279d64cfb04dd6-FRA
expires: Fri, 19 Mar 2021 15:38:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 58 KB
20 KB 102ms
35ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

392183a83e52266ceefcd0e47b10d52581dc0cec111cbf3ed57552852b458a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 242 of 1000 / last-modified: 1616152526"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19834
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.thelocal.de/wp-includes/js/ 14 KB
5 KB 51ms
42ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: aa9e255a9b43f3ce2f9ed76e82a54345
alt-svc: clear
content-length: 4662
last-modified: Thu, 04 Feb 2021 08:08:56 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 search-black.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 353 B
474 B 45ms
36ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/search-black.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

0b5e4a4db26a0835961408925c0266a4b45886455e6829d7b6395e2bbc05548f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "161-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 2dd7ba76e116a523d866d7fd85a2ab99
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 353

GET
H2 200 logo-de.svg
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 7 KB
3 KB 48ms
39ms Image
image/svg+xml 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/logo-de.svg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

bdf294d45512e50340e76e3282dc8256e1cd0e73e985e661f70b6cec720f0506

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 15:33:01 GMT
server: shield
etag: W/"1dd5-5bb113c2c4879"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 2b7e9ac83ed21cd71a2bd8c5cb6d66fa
cache-control: max-age=2592000, public
date: Fri, 19 Mar 2021 15:08:12 GMT
content-type: image/svg+xml
alt-svc: clear
via: 1.1 google

GET
H2 200 menu-100x62.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 299 B
420 B 50ms
41ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/menu-100x62.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

782ba2dfd68a8b9c7a78fb99b352f5999d1959377f7ddf8ddcf2cb617ac0e78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "12b-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 0d7beaa293754c3548bb54178eda0987
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 299

GET
H2 200 menu.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 162 B
278 B 47ms
38ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/menu.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

8a2beb7d2709cf77daee23f49115ca5b70803116873ba5f7e721583ec8da7044

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "a2-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 70e10319c9480d80a8a8aa2f362a3f20
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 162

GET
H2 200 badge-app-store.svg
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 11 KB
4 KB 49ms
40ms Image
image/svg+xml 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/badge-app-store.svg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

798f05d6bfa34057f8d30aa42bae10ab197cf4f23cc4cc479d3edb5571aac79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000;
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:44 GMT
server: shield
etag: W/"2a33-5b7ed811ebeca"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 53e6f93409af5702dae8a6d586bb79e3
cache-control: max-age=2592000, public
date: Fri, 19 Mar 2021 15:08:12 GMT
content-type: image/svg+xml
alt-svc: clear
via: 1.1 google

GET
H2 200 badge-play-store.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 14 KB
14 KB 45ms
36ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/badge-play-store.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:44 GMT
server: shield
etag: "3685-5b7ed811ebeca"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: ab4c5352b7889b8b96c8d3de1205b738
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 13957

GET
H2 200 icon-rss.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 936 B
1 KB 51ms
42ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/icon-rss.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

01fac03305746877131be8fd1f27d7e1c2ad5da9e415e880cfce44ee1952c5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:44 GMT
server: shield
etag: "3a8-5b7ed811eedaa"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 32e1407afbc0706e552b671a54e74ec1
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 936

GET
H2 200 share-2-email.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 3 KB
3 KB 50ms
42ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/share-2-email.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

ba69c608eb93b896b99720009f5137a8c6ec32d8c3e4e767c703659a6d039084

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "bb6-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 2858456e3f04396ec2cf6f872947561c
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 2998

GET
H2 200 share-2-twitter.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 3 KB
3 KB 50ms
41ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/share-2-twitter.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

0832ecd51131cddcc03c71a347c71794e90905760edd857c558747638e9ef0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "aa5-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 157aeac641cc90ce95633e503694ae87
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 2725

GET
H2 200 share-2-facebook.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 2 KB
2 KB 51ms
42ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/share-2-facebook.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

f9d9d28ffccb125a0a4dd3915d4b20989a57eb6c3e625407099ddf5c4398c843

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "84d-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 0a6c92971b67e4d89af91614e43fcbe6
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 2125

GET
H2 200 share-2-linkedin.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 2 KB
2 KB 46ms
38ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/share-2-linkedin.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

c9de0808d80da692f263ffd35e0eff4b9eca431045110d5b18f015bb6a073e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
etag: "95e-5b7ed811f5b0d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 9ab33780243378cdf3d5440882b18499
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 2398

GET
H2 200 c927fa92006a23fbf3e01ed30ae03b25d1ddf22b2b0d050f124e1d2cc10c1cc1-646x431.jpg
www.thelocal.de/wp-content/uploads/2018/07/ 34 KB
34 KB 94ms
86ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2018/07/c927fa92006a23fbf3e01ed30ae03b25d1ddf22b2b0d050f124e1d2cc10c1cc1-646x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

c0eb2d328f5a07da01283f48a3b169e4209402d4fd5138b49a3d4ca0a78ec27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:29:43 GMT
server: shield
etag: "8632-5b819c9cf7b32"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: a3c6ac3e0835633819838252dd450e2e
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 34354

GET
H2 200 ea0d086a817b3de96cb322020176d5a922fb52b469d76d85cea3f1458b36bc59.jpg
www.thelocal.de/wp-content/uploads/2016/11/ 59 KB
59 KB 116ms
108ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2016/11/ea0d086a817b3de96cb322020176d5a922fb52b469d76d85cea3f1458b36bc59.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

2707752f21948ac6df175d9271b8b7f1e981b0ccac1445b07d09d88f06b75353

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:21:01 GMT
server: shield
etag: "ead9-5b819aab1e2a9"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 37581b1bb35f94b7a8420c4d468811ec
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 60121

GET
H2 200 585851fcc67bf276e4ce244a3ea78e373ec7aa57bfea183ffbf0a9b9548c697a.jpg
www.thelocal.de/wp-content/uploads/2016/11/ 21 KB
21 KB 103ms
94ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2016/11/585851fcc67bf276e4ce244a3ea78e373ec7aa57bfea183ffbf0a9b9548c697a.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

fceaa3a8c3793af6f1537ca3f72c5a7eca9ffde0b96684f986b25247c76a7071

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:20:56 GMT
server: shield
etag: "5413-5b819aa68744d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: bce9b4f35366c95c87f23ce3a050d91d
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 21523

GET
H2 200 c0bdae260048f2307c5ff263cdc02f3a6af1dfdf02cf3402260104f5667f92ee.jpg
www.thelocal.de/wp-content/uploads/2015/04/ 51 KB
52 KB 117ms
109ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2015/04/c0bdae260048f2307c5ff263cdc02f3a6af1dfdf02cf3402260104f5667f92ee.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

b3439ba3c8b711b428c268f53d6f84c6a4d098cae1022c7cfe7be153b64a6fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:14:55 GMT
server: shield
etag: "cd71-5b81994e2cd5e"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: ea160fd7fc3c07909647886fd2cbdf37
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 52593

GET
H2 200 b0a93a7d5374a396ebf40dbc159040c8cc566065df24d23d2e8121d965f0cf57.jpg
www.thelocal.de/wp-content/uploads/2015/02/ 58 KB
58 KB 133ms
125ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2015/02/b0a93a7d5374a396ebf40dbc159040c8cc566065df24d23d2e8121d965f0cf57.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

265ed8a897adc6424196f6761ddc750dfe729ee0efb3d8a0a7640b8d6e09e498

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:14:15 GMT
server: shield
etag: "e809-5b8199285879d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 52345facc389cb4bbbdbdb879f1d84c5
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 59401

GET
H2 200 9b5f90d0bd671164429a56ed84ae07f628cc80a7c205d1705d66cad499d26498.jpg
www.thelocal.de/wp-content/uploads/2014/11/ 54 KB
54 KB 133ms
125ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2014/11/9b5f90d0bd671164429a56ed84ae07f628cc80a7c205d1705d66cad499d26498.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

c6c9e5eea4794b721d05fc34c3a8992554547f2a28633258dfffb071eb260cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:13:15 GMT
server: shield
etag: "d671-5b8198ef4015d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 831bf442742ab91f6e25ec12dcd2de59
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 54897

GET
H2 200 6262cb2f3b08e3a3eac26be22de8684dcdbd1e157f00c7e9050140fcfb6aac23.jpg
www.thelocal.de/wp-content/uploads/2014/07/ 58 KB
59 KB 123ms
116ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2014/07/6262cb2f3b08e3a3eac26be22de8684dcdbd1e157f00c7e9050140fcfb6aac23.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

b3c7fe08eb53ae89c087e5cd6895c990cd60895daf2614f277ce8c0e2565b15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:11:47 GMT
server: shield
etag: "e9b0-5b81989ba5068"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 8dfa773ae932812622f93f9fcf8a359e
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 59824

GET
H2 200 0974f2b777a7da29f0728361b6036e1980c8b4033398c823d90f59cee1c83cd5.jpg
www.thelocal.de/wp-content/uploads/2014/07/ 53 KB
54 KB 136ms
129ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2014/07/0974f2b777a7da29f0728361b6036e1980c8b4033398c823d90f59cee1c83cd5.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

4a610931c40cb0a68ef05aade61768eabe1bb5fce7f76fe4de45d94f8685377c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:11:38 GMT
server: shield
etag: "d5f8-5b8198930f960"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 91a311ab2427bf15a0720654fea96405
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 54776

GET
H2 200 77e1256d7887aff8d0af482d8696340d734b4525d066ace7f1d15e31cb29e374.jpg
www.thelocal.de/wp-content/uploads/2014/07/ 48 KB
49 KB 113ms
106ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2014/07/77e1256d7887aff8d0af482d8696340d734b4525d066ace7f1d15e31cb29e374.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

9e5e3549f0558b79505382a201015ef08217949a64193fcd87f07fe1b7992efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:11:49 GMT
server: shield
etag: "c119-5b81989cacb7d"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 6b776ac79fc221c0f8924754b22e08cb
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 49433

GET
H/1.1

200
OK

pixelNew.js
s3.amazonaws.com/scripts-clickmeter-com/js/
Redirect Chain

https://pixel.watch/3u2e
https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js

2 KB
2 KB

494ms
142ms

Image
application/x-javascript

52.216.92.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:14 GMT
Last-Modified: Wed, 17 Dec 2014 10:04:21 GMT
Server: AmazonS3
x-amz-request-id: DHY40ZRE0ZH798ME
ETag: "5ecfcd6d8fa19e88256687ff922f77d0"
Content-Type: application/x-javascript
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 2271
x-amz-id-2: hZPi4zzYpqVgDEhOutD3Pk2O06Po9EH8mtLWZdqM6sELM6Qc8kQkKJZJ3hzL21ougEUMoyXw5TM=

Redirect headers

Date: Fri, 19 Mar 2021 15:08:13 GMT
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
Location: https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js
X-Rate-Limit-Reset: 2021-03-19T15:08:33.3414360Z
Engine: clickmeter.redirect, version 2.0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

pixelNew.js
s3.amazonaws.com/scripts-clickmeter-com/js/
Redirect Chain

https://pixel.watch/msvm
https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js

2 KB
2 KB

499ms
138ms

Image
application/x-javascript

52.216.92.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.29 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:14 GMT
Last-Modified: Wed, 17 Dec 2014 10:04:21 GMT
Server: AmazonS3
x-amz-request-id: DHY86G9KCKETHER6
ETag: "5ecfcd6d8fa19e88256687ff922f77d0"
Content-Type: application/x-javascript
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 2271
x-amz-id-2: yfrWhHXYFz347BfKGucFbORrxbrPme8JcWvHHhvR/SJ0xAlI7TKV1tgBAAXtS6M3AkzTbczbSz8=

Redirect headers

Date: Fri, 19 Mar 2021 15:08:13 GMT
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
Location: https://s3.amazonaws.com/scripts-clickmeter-com/js/pixelNew.js
X-Rate-Limit-Reset: 2021-03-19T15:08:33.3423320Z
Engine: clickmeter.redirect, version 2.0
Connection: keep-alive
Content-Length: 0

GET
H2 200 icon-facebook.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 442 B
563 B 54ms
47ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/icon-facebook.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

688420b8dde92de0e3a9c4d0d634aeb05e903be0872f3911675fe5e7e5f994d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:44 GMT
server: shield
etag: "1ba-5b7ed811eedaa"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 8000dc5fecb8b0ce22e77e7559572506
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 442

GET
H2 200 icon-twitter.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 723 B
843 B 54ms
47ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/icon-twitter.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

e45b56c8b4931f609b1b9ce5ebd623a17adc751532060d88740cd339243e7b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:44 GMT
server: shield
etag: "2d3-5b7ed811f0ceb"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: cb9d26ea4eacccd64e4926c49621cc4f
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 723

GET
H2 200 icon-linkedin.png
www.thelocal.de/wp-content/themes/thelocal/assets/images/ 1 KB
1 KB 54ms
48ms Image
image/png 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/assets/images/icon-linkedin.png

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

5d85232d6d908969ab03204157266bd34c1c639c4d7497796ee840a0217d622e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 02 Jan 2021 16:39:44 GMT
server: shield
etag: "401-5b7ed811eedaa"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: cc88c1f5679225dc6453e9b8e4525b70
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/png
alt-svc: clear
content-length: 1025

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
12 KB 20ms
20ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 762033
cdn-cachedat: 2021-03-10 20:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b2cd00003128c1856000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b8b8d0e128f85a4f8be65a1ca536ff28
cf-ray: 63279d647add3128-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jqBootstrapValidation.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqBootstrapValidation/1.3.7/ 18 KB
5 KB 29ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqBootstrapValidation/1.3.7/jqBootstrapValidation.min.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1164ca0dbe884f218dc08a764f76beb90f2205d922691543226c2f24055c520b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2702268
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4261
cf-request-id: 08eca0b2de00002c22a3209000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-498e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G6XlfiDw9fzU0zYuc6KaHULwUYDd%2Ft65JKs3Fg4C5xGfB8kICj1s%2FW4M4xQmqZUpNVHC3bj10Bz9oR9iSiXuPSrQvFjsHbofq%2FhGtF8UaRuKdniK2G6IhSi5EC3N1K7onA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63279d649db12c22-FRA
expires: Wed, 09 Mar 2022 15:08:12 GMT

GET
H2 200 tinypass-gtp.min.js Show response
cdn.tinypass.com/api/ 6 KB
3 KB 39ms
16ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass-gtp.min.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22098c14b82c63deed882fc09f78b8745d6d5d53a352962bd9a1767f6b5fc776

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2039
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b2fb00004d89be34e000000001
wn: prod-dash-10-0-122-221
last-modified: Thu, 18 Mar 2021 11:41:56 GMT
server: cloudflare
etag: W/"6122-1616067716000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 63279d64cd7c4d89-FRA
expires: Fri, 19 Mar 2021 15:28:12 GMT

GET
H2 200 navigation.js Show response
www.thelocal.de/wp-content/themes/thelocal/js/ 3 KB
1 KB 41ms
32ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/js/navigation.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: d1a91fe9c6080294a54410a0dcffdb5b
alt-svc: clear
content-length: 1094
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 skip-link-focus-fix.js Show response
www.thelocal.de/wp-content/themes/thelocal/js/ 685 B
514 B 41ms
32ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/js/skip-link-focus-fix.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 2910c02c2b989e986152703d3c4b053c
alt-svc: clear
content-length: 417
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 owl.carousel.min.js Show response
www.thelocal.de/wp-content/themes/thelocal/js/ 42 KB
11 KB 40ms
31ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/js/owl.carousel.min.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 8d12d0401158d7eaa02ad0257a6bf03d
alt-svc: clear
content-length: 10926
last-modified: Sat, 02 Jan 2021 16:39:45 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 theme.js Show response
www.thelocal.de/wp-content/themes/thelocal/js/ 24 KB
5 KB 47ms
39ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/themes/thelocal/js/theme.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

e7ab956ae2777b87598483e9f8cd2aab53ebfb8640143348fb33f38b98ff730b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 7564f4b32695227b876adb21cbf626a8
alt-svc: clear
content-length: 5004
last-modified: Wed, 10 Mar 2021 16:01:23 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
www.thelocal.de/wp-includes/js/ 3 KB
1 KB 39ms
31ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-includes/js/comment-reply.min.js?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 44e70dfd60d06fea79fd6500a2a5a45a
alt-svc: clear
content-length: 1348
last-modified: Thu, 04 Feb 2021 08:08:56 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ajax.js Show response
www.thelocal.de/wp-content/plugins/zeno-report-comments/js/ 750 B
522 B 48ms
38ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-content/plugins/zeno-report-comments/js/ajax.js?ver=1.3.5

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

5e93c9b648a51416a92aa86d1a5b7d7637d91a410f402af531832cf9ec131b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 79151059e7fc2655d79cfa0ca2b1e4d4
alt-svc: clear
content-length: 396
last-modified: Tue, 23 Feb 2021 08:13:23 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
www.thelocal.de/wp-includes/js/ 1 KB
866 B 47ms
37ms Script
application/javascript 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelocal.de/wp-includes/js/wp-embed.min.js?ver=5.6.2

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-shield-request-id: 96181c6ed6685dbac3c042fe93e44a67
alt-svc: clear
content-length: 765
last-modified: Thu, 04 Feb 2021 08:08:56 GMT
server: shield
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000;
content-language: en-GB
via: 1.1 google
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK stf.js Show response
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/ 15 KB
6 KB 94ms
30ms Script
text/javascript 184.30.24.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/stf.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fef6d5b54da0d9e0479a9560e9236c70713eab51dbeca880a78ac30067bcceba

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:12 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 01 Dec 2020 11:17:59 GMT
X-Trans-Id: tx3ba9c3aa3e654ba9bc23e-005fc62672dfw1
ETag: 9938b8ddbd1e9cb76af2bc7b25514c8e
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1606821478.00915
Cache-Control: public, max-age=41776
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5238
Expires: Sat, 20 Mar 2021 02:44:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
35 KB 26ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKL5P9W

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22e30d4d10965b5bac4a0d7cd6f905b766688a87118cd3a76c3b5baa8ed317b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35462
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:12 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/108993/ Frame 37E0
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/108993/connatix.player.dc.js

963 KB
210 KB

87ms
26ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/108993/connatix.player.dc.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b06f297b6c7cf23ad1a51e2e0ae58af4dad4ef227989e366a2c06e7d6189f0aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: V5PFAHs_0p8B8bK4HsT5mnlelDEqf1II
via: 1.1 varnish, 1.1 varnish
etag: "3d407a5345448fce2f9a2f8186c56985"
age: 4369
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 214580
x-served-by: cache-dca17739-DCA, cache-hhn4047-HHN
last-modified: Fri, 19 Mar 2021 12:09:52 GMT
x-timer: S1616166493.071286,VS0,VE0
date: Fri, 19 Mar 2021 15:08:13 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 57

Redirect headers

date: Fri, 19 Mar 2021 15:08:12 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-hhn4033-HHN
x-cache: HIT
location: https://cds.connatix.com/p/108993/connatix.player.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1616166493.970672,VS0,VE1
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/Uznnx7uFLxujG/www.thelocal.de/ 5 KB
2 KB 36ms
10ms Script
application/javascript 2600:9000:2182:1e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/Uznnx7uFLxujG/www.thelocal.de/choice.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 436cbe4f9350ad17cca7e1fc3bd58fb8a820ed7784ddd8b27afe1b3f3b5d000a

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:07 GMT
content-encoding: br
etag: W/"1e24b95f659afa2ec699ef5e7d772aa8"
last-modified: Wed, 10 Feb 2021 20:20:52 GMT
server: AmazonS3
age: 18
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: qYJHOlzwOb3Poxl14DfOIdYMOZxEcGyFitUohJE2E8O50FaNhdKxyQ==

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 52ms
30ms Script
application/javascript 2606:4700:e6::ac40:ce18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2444
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A27C212E2231D899
x-amz-id-2: 1cd2S2WOvb8G1v6HhOOni90/eIlZtIGi7dwRoYQbHPFhDHUXZRY7neebruxV0Y4+WgfDzXsJLfY=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eGRMADFn3MbrPUHpfYLMghJ%2B9TJcZl8rzrTp3tOchsOjRjT3W25ZbeyiYmSOfp52mMLAmmp0DuRJJka8qzhm5UHEdrxvGUnvReo5nAFirfN%2BypD2nM%2BkR86KU6w%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control: max-age=28800
cf-request-id: 08eca0b30e00004e2000294000000001
cf-ray: 63279d64d85b4e20-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 332185
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 39 KB
39 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab%3A300%2C400%2C700&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:00:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:03:59 GMT
server: sffe
age: 151691
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39440
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:00:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&ver=5.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 155741
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 12ms
9ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/Uznnx7uFLxujG/www.thelocal.de/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 26 Mar 2021 15:08:13 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 278 KB
77 KB 10ms
9ms Script
text/javascript 2600:9000:2182:1e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.thelocal.de
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/Uznnx7uFLxujG/www.thelocal.de/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 19 Mar 2021 15:07:34 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 17:11:22 GMT
server: AmazonS3
age: 65
etag: W/"814cf3c7bdd5dafb6ad642c1b52006c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: _uXkZWxh34wvqQUZqj9L4j5M8fZaaJjRraatUzlJ8Ax5xZuhqkPytA==

GET
H2 200 cd908fb136a409a75defcc4c9457c7d11897ea55ae300b030bc68997a2451adb-646x431.jpg
www.thelocal.de/wp-content/uploads/2018/03/ 27 KB
27 KB 93ms
88ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2018/03/cd908fb136a409a75defcc4c9457c7d11897ea55ae300b030bc68997a2451adb-646x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

f971c786d984ddaceec533086febb2c52f6b6f1b9c6fb038899aa168153afdc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:27:48 GMT
server: shield
etag: "6cf4-5b819c2fa1346"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 97a9c331dd244ab1c00c9d8f976996f7
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 27892

GET
H2 200 bbf311d981974d18a5ed0559190d99643dc9843970c8ee17cd89b0fb39ffcb9f-646x423.jpg
www.thelocal.de/wp-content/uploads/2017/12/ 34 KB
34 KB 90ms
86ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/12/bbf311d981974d18a5ed0559190d99643dc9843970c8ee17cd89b0fb39ffcb9f-646x423.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

5d343d429fb8043b93112d5205c715baead5867fd65f7670323fb76f9ce35a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:26:23 GMT
server: shield
etag: "892d-5b819bde88c61"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: c38a098fb7b6e2710fc55c88e1b30fa2
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 35117

GET
H2 200 7ae5a359ea84257c12ebbf30ecdbeeb1db54b7109f91e72d1120deb8f2e8540d-646x431.jpg
www.thelocal.de/wp-content/uploads/2017/12/ 100 KB
101 KB 112ms
107ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/12/7ae5a359ea84257c12ebbf30ecdbeeb1db54b7109f91e72d1120deb8f2e8540d-646x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

0c15b3f621616660acc329324f0ca67b65545e1979dfb17a0ce7f33f2238906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:26:20 GMT
server: shield
etag: "191d7-5b819bdc06251"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 2144f16faeade33ff014982545854896
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 102871

GET
H2 200 e042275f1e67b78717b31ba97c09ba551d7b3a6e3410eec16eb131147571978d-646x431.jpg
www.thelocal.de/wp-content/uploads/2017/10/ 33 KB
34 KB 89ms
85ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/10/e042275f1e67b78717b31ba97c09ba551d7b3a6e3410eec16eb131147571978d-646x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

459cba4f908024b565fd499c3b301eb5dba0cc742ee31901817bd366e91d37a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:25:35 GMT
server: shield
etag: "8568-5b819bb103822"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 165ddb61717b5fc6bf625b1ac59b6fa1
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 34152

GET
H2 200 24b0c6ce28d942397de4f54d74a8dfb1d61bcae1fb07e41f985bf51551e14631-646x426.jpg
www.thelocal.de/wp-content/uploads/2017/10/ 60 KB
60 KB 95ms
91ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/10/24b0c6ce28d942397de4f54d74a8dfb1d61bcae1fb07e41f985bf51551e14631-646x426.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

96533451953f613ec07f99c6b1f7a177cc32ed09ff0f2ce2ed5bc18d99a50125

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:25:26 GMT
server: shield
etag: "f07b-5b819ba8be274"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 0ddde7a0afca94f61d9a0212a588514c
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 61563

GET
H2 200 ab8c7f7c44d61a2df1d90be69fe62442f057d7f6cf0dd0fd65c82ac53f268fe8-640x431.jpg
www.thelocal.de/wp-content/uploads/2017/05/ 18 KB
18 KB 83ms
80ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/05/ab8c7f7c44d61a2df1d90be69fe62442f057d7f6cf0dd0fd65c82ac53f268fe8-640x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

a58121d86f32fd2d79e212852b496d1a92bbf1cea170909dd61ee62180db6fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:23:28 GMT
server: shield
etag: "4933-5b819b374ccb3"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: b9c7df33f2bafce2a236999987425d5c
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 18739

GET
H2 200 55a6485b5eeb2d3f07bc942f4c784daebd29f5b443835a2982fbd6fce50d6140.jpg
www.thelocal.de/wp-content/uploads/2017/05/ 40 KB
40 KB 201ms
198ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/05/55a6485b5eeb2d3f07bc942f4c784daebd29f5b443835a2982fbd6fce50d6140.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

50f3dd96e8784a1efd81a8c754c243aad94ae5f5473eeb48744a78cb3e0d6d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:23:24 GMT
server: shield
etag: "9f7a-5b819b33a6264"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: fd4f56dd5a2c537a63c3c5f88bc25347
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 40826

GET
H2 200 4b487a8fd94aad622d53454fb3fe06beb968b51b09c7db6d5f0c6af7c62f6ddc-646x431.jpg
www.thelocal.de/wp-content/uploads/2017/05/ 54 KB
54 KB 97ms
94ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/05/4b487a8fd94aad622d53454fb3fe06beb968b51b09c7db6d5f0c6af7c62f6ddc-646x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

3c538dd53748eea964a55c803d7db4ebcd63ba1a82658816914d5941696f18b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:23:23 GMT
server: shield
etag: "d767-5b819b33272fb"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 6fdc0c581c6f49a8dd223d14130697b0
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 55143

GET
H2 200 d5535aae405d6deac7a9c1f56bcfcab9c184269a2b636843acaf444f3aefbd56-646x431.jpg
www.thelocal.de/wp-content/uploads/2017/03/ 47 KB
47 KB 199ms
196ms Image
image/jpeg 34.120.119.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelocal.de/wp-content/uploads/2017/03/d5535aae405d6deac7a9c1f56bcfcab9c184269a2b636843acaf444f3aefbd56-646x431.jpg

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.119.48 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

48.119.120.34.bc.googleusercontent.com

Software

shield /

Resource Hash

8d77969f93ff1ff6585ba5d8b48d3738565967b067beaf00a2b12f53173fcf71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 21:22:40 GMT
server: shield
etag: "bc4b-5b819b09da15a"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 30fec6dd5724e00d74ca35a129a4803c
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 48203

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 401 KB
126 KB 35ms
33ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=lGr3ciYmC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

223aef9bae69f5857f9ee4b43056cd32febffcc2ab56cc003141a3a9d11fa753

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 233
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b37a00004d89a7b96000000001
wn: prod-dash-10-0-138-3
last-modified: Thu, 18 Mar 2021 11:41:56 GMT
server: cloudflare
etag: W/"411056-1616067716000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 63279d658ed24d89-FRA
expires: Fri, 19 Mar 2021 15:13:13 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 52ms
37ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-68EFP8XFKZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL5P9W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18fb2b2ed46d09723d073d1b34370ceadab9bc77b7275373dbeeeed2e625b0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53480
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 48ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XFSR2700S9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL5P9W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72ae348633f65e8fc8a7616aa16f61cf43ff0048d75d2c16d106ffa4f24ac976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53477
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 43ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4QDBGH7879&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL5P9W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8deffaa55f9ed4e7f22f3b2ca18be0e897acd9d9adddab6a3481317dc67c18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53536
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKL5P9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3938
date: Fri, 19 Mar 2021 14:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Mar 2021 16:02:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 34ms
34ms Script
application/x-javascript 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00a:e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: H2QzPAkbtYao4dElJkAZTbun218Ii49lVAMuu24HodKMXIq9aJP1TMyqI9jn78rcjQYcdcYxPAYFTOxoH1mZFw==
x-fb-trip-id: 1082456386
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Mar 2021 15:08:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 27ms
26ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 54552
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1616166493.095888,VS0,VE0
x-served-by: cache-fra19144-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:191::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:191::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61100
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 rules-p-Uznnx7uFLxujG.js Show response
rules.quantcount.com/ 3 B
356 B 138ms
117ms Script
application/x-javascript 2600:9000:211e:5800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Uznnx7uFLxujG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:04:07 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 247
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3
x-amz-cf-id: W_61kFFC48aKuYoaIO3yebsmRkkhKjX4ffkzsedGmD--g4AsvU0oIg==

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
100 KB 77ms
45ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js?31060501

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H3-Q050 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:40:25 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=201345&time=1616166493151&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D201345%26time%3D1616166493151%26url%3Dhttps%253A%252F%252Fwww.thelocal.de%252F201...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=201345&time=1616166493151&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&liSync=...

0
40 B

188ms
187ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=201345&time=1616166493151&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&liSync=true
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: dIFZ+NzGbRbA7LobQSsAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: r72a7NzGbRZgDQLFMysAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: FB7FE08E4A1C406FAB7FAD81312965A3 Ref B: FRAEDGE0719 Ref C: 2021-03-19T15:08:13Z
date: Fri, 19 Mar 2021 15:08:12 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=201345&time=1616166493151&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1765939700386961 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 34ms
34ms Script
application/x-javascript 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1765939700386961?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00a:e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f88e2db7e497332b17ea70a3fc9b66c6666af1e1a168893f24735cfebdafced2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70603
x-fb-rlafr: 0
pragma: public
x-fb-debug: jZc+mjE1b2bpzSo8ksU/x5Rod4A10a6wGC72ZWJT8ldCE7GeKwsVLSSv4kThnbD2zmi739fUQdNz1MYZd1cXxw==
x-fb-trip-id: 1082456386
x-frame-options: DENY
date: Fri, 19 Mar 2021 15:08:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
167 B 13ms
13ms Other
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-68EFP8XFKZ&gtm=2oe3a0&_p=1758244695&sr=1600x1200&ul=en-us&cid=6919505.1616166493&_s=1&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&dr=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&dt=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report%20-%20The%20Local&sid=1616166493&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-68EFP8XFKZ&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
21 B 14ms
14ms Other
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XFSR2700S9&gtm=2oe3a0&_p=1758244695&sr=1600x1200&ul=en-us&cid=6919505.1616166493&_s=1&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&dr=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&dt=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report%20-%20The%20Local&sid=1616166493&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XFSR2700S9&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
21 B 14ms
13ms Other
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4QDBGH7879&gtm=2oe3a0&_p=1758244695&sr=1600x1200&ul=en-us&cid=6919505.1616166493&_s=1&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&dr=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&dt=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report%20-%20The%20Local&sid=1616166493&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QDBGH7879&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
170 B 140ms
140ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nyvw0&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Fri, 19 Mar 2021 15:08:13 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5f0949b290f26903ca5415c8c33fe53e
x-transaction: 000c66a90080fddb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/41415/ 437 KB
113 KB 36ms
33ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/41415/adpushup.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 902b7763b22837f28209dc69c32159ab669b1edb6ddf2a29e0b57ae0ee6992d0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
x-cf3: H
cf4ttl: 604800.000
x-cf1: 28371:fC.fra2:co:1615537614:cacheN.fra2-01:M
x-cf-geodata: CH
content-length: 115208
x-cf-tsc: 1616165488
x-cf2: H
last-modified: Fri, 19 Mar 2021 08:36:13 GMT
server: CFS 0215
x-cff: B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
cf4age: 22514
accept-ranges: bytes
expires: Fri, 19 Mar 2021 15:23:13 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/thelocal-network/ 309 KB
30 KB 77ms
25ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/thelocal-network/loader.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fef207c41530889038d5f65fa75cb6520a7cb7d89760b1a4ea24ce0ef5087af

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EXZsVdNEEuINT53jfrQMfiwe4DZtbB5c
content-encoding: gzip
etag: "c685d6ef14186605a7a85877194e39b8"
age: 115
x-cache: HIT
content-length: 29801
x-amz-id-2: /x76KiOFiOUqSZ95+rCBiPsWRRwuA3OrswN293j4G6bIvIqiDxsKYCyIiHrwf9vIXi8JqWQcvoQ=
x-served-by: cache-hhn11532-HHN
last-modified: Thu, 18 Mar 2021 11:15:41 GMT
server: AmazonS3
x-timer: S1616166493.303193,VS0,VE1
date: Fri, 19 Mar 2021 15:08:13 GMT
vary: Accept-Encoding
x-amz-request-id: ZT98A8BD5HJFWXV4
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 86
x-cache-hits: 1

GET
H2

200

Carambola_layer_112.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/js/
Redirect Chain

https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/js/Carambola_layer_112.min.js

417 KB
108 KB

126ms
30ms

Script
text/javascript

152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/js/Carambola_layer_112.min.js
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF1) /
Resource Hash: 218c3c13c88945e8078140180291cc77e9ce674f5547003440316ffa4c5f35c3

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7623805
x-cache: HIT
content-length: 110605
x-amz-id-2: bCqp9IYTNqfG2eTVeleuQGUsSgLavrwnBOdHB6CWNrBKmfAKtg3Vj/ZjVHJkty+mjjYbjBFV02I=
last-modified: Mon, 21 Dec 2020 09:03:09 GMT
server: ECS (mil/6CF1)
etag: "1b7e9f05e9c66de50e5d023f6872400c+gzip"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 6295F29901EE2996
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
accept-ranges: bytes
content-type: text/javascript

Redirect headers

Location: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/js/Carambola_layer_112.min.js
Date: Fri, 19 Mar 2021 15:08:13 GMT
Server: nginx/1.14.1
Connection: keep-alive
X-Powered-By: Express
Content-Length: 0

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 37ms
16ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 946
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b45800004abdcb265000000001
last-modified: Fri, 12 Mar 2021 14:35:27 GMT
server: cloudflare
etag: W/"1bbec-17826dd1798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 63279d66f9cb4abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 19 Mar 2021 19:08:13 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
342 B 26ms
25ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=lGr3ciYmC7

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b5a25d7ea25ec305b9fa5019555e7347cc9c67f489dc3eb27eee438fd82a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 293
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b44800004dd654a5d000000001
x-request-id: Ckt18qqAEP0
pragma
wn: prod-dash-10-0-120-30
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 63279d66db724dd6-FRA
expires: Fri, 19 Mar 2021 15:28:13 GMT

GET
H2 200 connatix.player.css
cds.connatix.com/p/108993/ 54 KB
8 KB 28ms
28ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/108993/connatix.player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e87fab4ec1fbf5ee31fbbe9c5385131e9a7c8eaafc422a6eab9898f02354e56

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 73rN2VlfXBUS4xzIiL3b9bgnBHL9blsg
via: 1.1 varnish, 1.1 varnish
etag: "1c8568dbcbd95ca00cae358ebebd9f4f"
age: 4372
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: br
content-length: 8346
x-served-by: cache-dca17766-DCA, cache-hhn4047-HHN
last-modified: Fri, 19 Mar 2021 12:09:52 GMT
x-timer: S1616166493.336845,VS0,VE0
date: Fri, 19 Mar 2021 15:08:13 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 462

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 198 B
973 B 124ms
121ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery11240142392920609403_1616166493163&client_id=lGr3ciYmC7&site=https%3A%2F%2Fwww.thelocal.de&_=1616166493164

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07334c67828e50efb00fd71edd49df8cba4b6a1c2de1195e9207d0b329730a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b49c00004d89ad3f5000000001
x-request-id: Cp128qqvvQ8
pragma: no-cache
wn: prod-id-10-0-114-7
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.001
cf-ray: 63279d67596d4d89-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
266 B 36ms
36ms Image
image/gif 2a03:2880:f10a:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1765939700386961&ev=PageView&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&rl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&if=false&ts=1616166493371&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1616166493369.1032061824&it=1616166493174&coo=false&rqm=GET

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10a:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Mar 2021 15:08:13 GMT

OPTIONS
H2 200 39
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 137ms
124ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/39?email=&visitor=&stored_visitor=&pnespid=

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.thelocal.de
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b4dd000005bb1faa4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d67cc5d05bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 39 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 80 KB
3 KB 129ms
128ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/39?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ddb34967f7c938719b833dc88baf7cd4322b6359cc899cb34ce3ec2a9213ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b55800004abdad1c3000000001
server: cloudflare
etag: W/"13ecf-aPshaBpeUaFNG2JzJ34pnxMPXvQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelocal.de
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 63279d688c424abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 impl.20210315-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 469 KB
108 KB 30ms
30ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210315-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thelocal-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ba5a2163e85179a25680ed144a7be87bda09be67c0116593ebcd327f5bfa655f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: aQEgNdEAnWF7hU0hXzE_qBLtLWpCEMgH
content-encoding: br
etag: "92f7fe97957aed89e69b8f84a5e9f3f4"
age: 16939
x-cache: HIT
content-length: 110454
x-amz-id-2: +Z239bqIXkad12kzGVm/HkHGq9wBOPeXCLoP2zY5+hv9reGCZA7Sf7a3k8oxkG0zn0O3ziR+/WM=
x-served-by: cache-hhn11532-HHN
last-modified: Mon, 15 Mar 2021 10:17:43 GMT
server: AmazonS3-br
x-timer: S1616166493.419896,VS0,VE0
date: Fri, 19 Mar 2021 15:08:13 GMT
vary: Accept-Encoding
x-amz-request-id: 207QBC9SK6K2EQX3
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 33
x-cache-hits: 96405

GET
H2 200 pb.1615380341861.js Show response
cdn.adpushup.com/prebid/ 369 KB
107 KB 34ms
33ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.1615380341861.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/41415/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ef3d65f7b58944774499531f1ad26adcca6b8e98e11b17c8a20cd16e1bfb42ff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
x-cf3: M
cf4ttl: 604800.000
x-cf1: 28371:fC.fra2:co:1615380460:cacheN.fra2-01:H
content-length: 108788
x-cf-tsc: 1615986396
x-cf2: H
last-modified: Wed, 10 Mar 2021 12:47:39 GMT
server: CFS 0215
x-cff: B
etag: W/"6048bfeb-5c514"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf4age: 0
accept-ranges: bytes
expires: Sat, 19 Mar 2022 15:08:13 GMT

POST
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
178 B 113ms
43ms Other
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/41415/adpushup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:12 GMT
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
272 B 84ms
32ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTYxNjY0OTM0NjMsInBhY2tldElkIjoiMDAwMEExQzctNThiMmE0YWEtMGU2OC00ZTBmLTkwOTEtZWExNTRmZGRmYTIyIiwic2l0ZUlkIjo0MTQxNSwic2l0ZURvbWFpbiI6Imh0dHBzOi8vd3d3LnRoZWxvY2FsLmRlIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbG9jYWwuZGUvMjAxODA3MDYvc2V2ZXJhbC1nZXJtYW4tbXBzLXNvbGQtc2Vuc2l0aXZlLWluZm9ybWF0aW9uLXRvLWNoaW5lc2Utc3BpZXMvIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnRoZWxvY2FsLmRlLzIwMTgwNzA2L3NldmVyYWwtZ2VybWFuLW1wcy1zb2xkLXNlbnNpdGl2ZS1pbmZvcm1hdGlvbi10by1jaGluZXNlLXNwaWVzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiYWUwNGQ5OGMtNjdmZS00OGUxLTlkNWYtMzk5MGVkYzA3YmRjIiwic2VjdGlvbk5hbWUiOiJkZV9sZWFkZXJib2FyZF8xIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6ImRlX2xlYWRlcmJvYXJkXzEiLCJzZXJ2aWNlcyI6WzYsM10sImFkVW5pdFR5cGUiOjF9XX0=
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:12 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 84ms
32ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTYxNjY0OTM0NjYsInBhY2tldElkIjoiMDAwMEExQzctNThiMmE0YWEtMGU2OC00ZTBmLTkwOTEtZWExNTRmZGRmYTIyIiwic2l0ZUlkIjo0MTQxNSwic2l0ZURvbWFpbiI6Imh0dHBzOi8vd3d3LnRoZWxvY2FsLmRlIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbG9jYWwuZGUvMjAxODA3MDYvc2V2ZXJhbC1nZXJtYW4tbXBzLXNvbGQtc2Vuc2l0aXZlLWluZm9ybWF0aW9uLXRvLWNoaW5lc2Utc3BpZXMvIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnRoZWxvY2FsLmRlLzIwMTgwNzA2L3NldmVyYWwtZ2VybWFuLW1wcy1zb2xkLXNlbnNpdGl2ZS1pbmZvcm1hdGlvbi10by1jaGluZXNlLXNwaWVzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiYjg1YTc3NDItOWU4ZC00OWNhLTkwZGEtYWIyYmJhYjBjMzY4Iiwic2VjdGlvbk5hbWUiOiJkZV9sZWFkZXJib2FyZF81Iiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6ImRlX2xlYWRlcmJvYXJkXzUiLCJzZXJ2aWNlcyI6WzYsM10sImFkVW5pdFR5cGUiOjF9XX0=
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:12 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
131 B 94ms
43ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTYxNjY0OTM0NjgsInBhY2tldElkIjoiMDAwMEExQzctNThiMmE0YWEtMGU2OC00ZTBmLTkwOTEtZWExNTRmZGRmYTIyIiwic2l0ZUlkIjo0MTQxNSwic2l0ZURvbWFpbiI6Imh0dHBzOi8vd3d3LnRoZWxvY2FsLmRlIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbG9jYWwuZGUvMjAxODA3MDYvc2V2ZXJhbC1nZXJtYW4tbXBzLXNvbGQtc2Vuc2l0aXZlLWluZm9ybWF0aW9uLXRvLWNoaW5lc2Utc3BpZXMvIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnRoZWxvY2FsLmRlLzIwMTgwNzA2L3NldmVyYWwtZ2VybWFuLW1wcy1zb2xkLXNlbnNpdGl2ZS1pbmZvcm1hdGlvbi10by1jaGluZXNlLXNwaWVzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNTFhZjA0OGYtMjYwYy00YjZiLWFkYWMtYWVkZGRmMzk1NmVjIiwic2VjdGlvbk5hbWUiOiJkZV9tcHVfMSIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJkZV9tcHVfMSIsInNlcnZpY2VzIjpbNiwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:12 GMT
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame 37E0 6 KB
3 KB 550ms
147ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2b6798acd048bc421a581c13627dceaee2dc59f6c219b3dd420f5b5691c71f16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 61 KB
18 KB 229ms
229ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=lGr3ciYmC7

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d69c2337009085d9352dec2ab3469254fc1e6c4685203dc2b4cc7700640561ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b53b00004dd62b095000000001
x-request-id: Cp128qqTMyw
pragma: no-cache
wn: prod-exp-10-0-80-30
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 63279d685f204dd6-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 25ms
7ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210319

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1615380341861.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

846af461e0124fe361072318117c8fd1f70925243f6d3504554b2378ace9a806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 14716
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
content-length: 754
etag: W/"53a-oPzSytZtBcfFrazXop3TGDR6IFU"
x-served-by: cache-fra19148-FRA, cache-hhn4062-HHN
date: Fri, 19 Mar 2021 15:08:13 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 500ms
117ms XHR
text/plain 18.215.29.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.29.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-29-8.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:05 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 403 473e7dd9b5a377ae31533c87bae930b3_9c2cd08a591c3c03757d44dc32e9285bfed5331a_incontent_unified.json Show response
inimage.carambo.la/1/thlc94/112164/ 243 B
379 B 229ms
142ms XHR
application/xml 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://inimage.carambo.la/1/thlc94/112164/473e7dd9b5a377ae31533c87bae930b3_9c2cd08a591c3c03757d44dc32e9285bfed5331a_incontent_unified.json
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d50ed03725bc078a4106303e73484cb85284313aa363a71db22f39f844e1687

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
server: AmazonS3
x-amz-request-id: DHY13FJZXVNX65J7
etag: "4fa218367bb4bb09a7b243056aa5b61d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-amz-id-2: qZG4NWgEGnnkdIxkfU9e5UiP1W2UifTLPjskYEwdlwzIL6D2HgiLxLIPUS2DuKFirYaenfDcyuE=

GET
H2 403 473e7dd9b5a377ae31533c87bae930b3_9c2cd08a591c3c03757d44dc32e9285bfed5331a_incontent_unified_2.json Show response
inimage.carambo.la/1/thlc94/112164/ 243 B
516 B 227ms
141ms XHR
application/xml 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://inimage.carambo.la/1/thlc94/112164/473e7dd9b5a377ae31533c87bae930b3_9c2cd08a591c3c03757d44dc32e9285bfed5331a_incontent_unified_2.json
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d20df16a025ef9046428ce3f5388de419404ce8fa8eafa25f4f4058fd32b9a99

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
server: AmazonS3
x-amz-request-id: DHY5166W1TXDG2GD
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-amz-id-2: opUm0RYyNuJbzSJyGzeopRrECrGS2QKgzpKeaGlpNM1aYiXNbtX3wef8OnajFvgkmbrNpC3/j5Q=

OPTIONS
H2 200 61
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 118ms
118ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/61?story_url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.thelocal.de
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b60f000005bbfc124000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d69bf9b05bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 61 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
220 B 130ms
130ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/61?story_url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75f2833f3700d77a0c92cbbb1d17302a322fefa1ca10f1f61df3f757472c03a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b68500004abd89180000000001
server: cloudflare
etag: W/"41-CyoV37soZQ3WlFyWNZMPC6KRuEs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelocal.de
vary: Accept-Encoding, X-HTTP-Method-Override
access-control-allow-credentials: true
cf-ray: 63279d6a6fa94abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
4 KB 18ms
18ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vd.1.60.5-785b23d&p=61

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 94578
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b61300004abd49069000000001
last-modified: Fri, 12 Mar 2021 14:35:27 GMT
server: cloudflare
etag: W/"2e2f-17826dd1798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 63279d69be404abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 19 Mar 2022 15:08:13 GMT

GET
H2 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vd.1.60.5-785b23d&p=61

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 94578
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b61000004abd44847000000001
last-modified: Fri, 12 Mar 2021 14:35:27 GMT
server: cloudflare
etag: W/"f2a-17826dd1798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 63279d69be454abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 19 Mar 2022 15:08:13 GMT

GET
H2 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
4 KB 18ms
18ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vd.1.60.5-785b23d&p=61

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 94578
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b61000004abd7e1fc000000001
last-modified: Fri, 12 Mar 2021 14:35:27 GMT
server: cloudflare
etag: W/"8abb-17826dd1798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 63279d69be464abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 19 Mar 2022 15:08:13 GMT

GET
H2 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vd.1.60.5-785b23d&p=61

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 94578
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b61000004abda4897000000001
last-modified: Fri, 12 Mar 2021 14:35:27 GMT
server: cloudflare
etag: W/"19c7-17826dd1798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 63279d69be474abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 19 Mar 2022 15:08:13 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 144 KB
43 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccfbf42da650e227d286ace78c29607b01974f812cb7ddb07c56dcfdb76ef645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 20:41:02 GMT
server: sffe
age: 34
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43614
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:57:39 GMT

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame ADAF 283 KB
30 KB 160ms
159ms Document
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20317eb4fd072adcb54351e26b0d530c27541c1d5c8171a7b820693db5f12358

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.042
set-cookie: ch_sid=96fq4qnSw9EO3rX;Version=1;Domain=.tinypass.com;Path=/;Max-Age=3600;Secure;SameSite=None LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4cdUF8Kqb4yKBA; SameSite=Lax; path=/; expires=Sat, 20-Mar-21 14:08:13 GMT; HttpOnly
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-90-75
x-forwarded-https: on
x-request-id: Cp128qqdxxb
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b64800004dd658216000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6a0a0a4dd6-FRA
content-encoding: br

GET
H2 200 2192442597734156 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 34ms
34ms Script
application/x-javascript 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2192442597734156?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00a:e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73274a078cc01bd643e574c2bbf21e89229a01485b071ba2fd5ff4a566cdeb55

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70574
x-fb-rlafr: 0
pragma: public
x-fb-debug: EoVMtrxr3oBzJ+RsnE7pcw7DOBZT9k3m9iesPR3KQKoKeIl7cDk0tRXhlMYTcjFGxrLGZ4NY5zKHyWF0uRL5yg==
x-fb-trip-id: 1082456386
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Mar 2021 15:08:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 show Show response
buy.tinypass.com/checkout/template/ Frame 533E 15 KB
5 KB 131ms
131ms Document
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee24fe7e53826c1ee6fdbb4ee83ecbeb91aa4031a1d13430147c009411f600a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.010
set-cookie: LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4cdUF8Kqb4yKBA; SameSite=Lax; path=/; expires=Sat, 20-Mar-21 14:08:13 GMT; HttpOnly
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-85-15
x-forwarded-https: on
x-request-id: Cp128qqWdId
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b65100004dd633a5e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6a1a244dd6-FRA
content-encoding: br

GET
H/1.1 204
No Content p
ingestion.contentinsights.com/ 0
88 B 149ms
45ms Image
text/plain 18.200.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/p?a=The%20Local&b=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&c=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report&d=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&e=News&f=2145&g=2018-07-06T12%3A18%3A24%2B02%3A00&h=espionage&i=&j=&k=&l=&m=&pid=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&u=1616166493746.76718001.46314812&ul=1616166493747.945224829.1282169&x=0.8929154904615633&t=0&err=&ver=19
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-192-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 19 Mar 2021 15:08:13 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1765939700386961&ev=DEV%20COM%20offer%20shown&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&rl=http...
https://cx.atdmt.com/?c=6041142539726336493&f=AYwf8vKf9OskbwtdiM3BgxoYQVIhaZs79xKDK91nHu5SWIwo-OOHYdyA_-XGQueF_CoFFlXPaN10FqI364xf9Xp_&id=1765939700386961&l=3&v=0

43 B
827 B

146ms
76ms

Image
image/gif

2a03:2880:f00a:2:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=6041142539726336493&f=AYwf8vKf9OskbwtdiM3BgxoYQVIhaZs79xKDK91nHu5SWIwo-OOHYdyA_-XGQueF_CoFFlXPaN10FqI364xf9Xp_&id=1765939700386961&l=3&v=0

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00a:2:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: 80fBo6R3iLYkMkEWDjAXUKPCEdVmt3UUBjLorY9+nfbGrYyOqXTfAN8sUfeBuOW8306uyMlPHPc77WTxOsiTyw==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Mar 2021 08:08:13 PDT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Fri, 19 Mar 2021 08:08:13 PDT

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:13 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=6041142539726336493&f=AYwf8vKf9OskbwtdiM3BgxoYQVIhaZs79xKDK91nHu5SWIwo-OOHYdyA_-XGQueF_CoFFlXPaN10FqI364xf9Xp_&id=1765939700386961&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/ 5 KB
2 KB 19ms
19ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/displayer.js?v=vd.1.60.5-785b23d&p=61

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 94578
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b65400004abd97221000000001
last-modified: Fri, 12 Mar 2021 14:35:27 GMT
server: cloudflare
etag: W/"3b47-17826dd1798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 63279d6a2efd4abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 19 Mar 2022 15:08:13 GMT

GET
BLOB 200
OK 26bcaca7-e90c-44f4-832b-3b35f44a25c4
https://www.thelocal.de/ 290 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thelocal.de/26bcaca7-e90c-44f4-832b-3b35f44a25c4
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2326b22459b3b11bbebcd4e6c7525de39f296d1fa750bfdf65dadca14c4cb9a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 290
Content-Type: text/javascript

GET
BLOB 200
OK d22ba700-0c98-4031-9206-8072286b6780
https://www.thelocal.de/ 274 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thelocal.de/d22ba700-0c98-4031-9206-8072286b6780
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b78eb1fe6783933ac78f2e62a1bde67285956387379d1db48e93fbce2bfa64f7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 274
Content-Type: text/javascript

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ 20 KB
6 KB 34ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e05e17c22842f1c19fd3c7c12aec5d1ffb58bf43baf91625f23b436f28d9dc50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 20:41:02 GMT
server: sffe
age: 2748
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6159
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:12:25 GMT

GET
H3-Q050 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 54AB 25 KB
9 KB 66ms
57ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=448935

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4df73bdbef6a89c7e40c2c6f127b366b2b48acbd7fd28b66207aeda0e7950495

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x2qGwl3Jh6nozxDLOQVwNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-x2qGwl3Jh6nozxDLOQVwNQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=448935
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Mar 2021 15:08:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-x2qGwl3Jh6nozxDLOQVwNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-x2qGwl3Jh6nozxDLOQVwNQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=211=D6z0IxUri2qpDHOhAV-NK3om8K2itEJGrcZz53EKOQWVbLyknbSrtHooFtWktFjfxLdoLgXyF6QIm3jJ6C0-bWKwJEF0UamfIJbXPrDqUdyE_jPz4V4wNsLg3GOah_XhHcfnI8sI7o5UyQm6CnEiInBwbWD4RoZHccXAr50BLnE; expires=Sat, 18-Sep-2021 15:08:13 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 30ms
21ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 1916
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:26:17 GMT

GET
H3-Q050 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/thelocal.de/ 2 B
849 B 54ms
49ms Fetch
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/thelocal.de/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 164 Show response
api-esp.piano.io/publisher/bekose/ Frame 8BCD 136 KB
44 KB 123ms
123ms Document
text/html 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed454bf0eaa68b8e85ab477e355894d5c6352ea4c68a78402b18017fc1f832f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: api-esp.piano.io
:scheme: https
:path: /publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: api-esp.piano.io
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: W/"221fc-qRfCqPIc/Q8V/pqVJaNvQnIZKjE"
expires: Sat, 19 Mar 2022 15:08:13 GMT
cache-control: max-age=31536000 public
x-cache-status: HIT
x-tq-node: x
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b68300004abd6ca49000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6a6f914abd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 162 Show response
api-esp.piano.io/publisher/bekose/ Frame 5C76 136 KB
44 KB 118ms
118ms Document
text/html 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/bekose/162?wv=97&v=vd.1.60.5-785b23d

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b545088a29a47136ccea1c0124a877bd80d5be9e30c973481babfd96cbc23968

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: api-esp.piano.io
:scheme: https
:path: /publisher/bekose/162?wv=97&v=vd.1.60.5-785b23d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: api-esp.piano.io
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: W/"221f0-yuL2QoVs+v1vHT451MV0c5XNEls"
expires: Sat, 19 Mar 2022 15:08:13 GMT
cache-control: max-age=31536000 public
x-cache-status: HIT
x-tq-node: x
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b68000004abd78a3e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6a6f9d4abd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
107 B 37ms
37ms Image
image/gif 2a03:2880:f10a:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2192442597734156&ev=PageView&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&rl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&if=false&ts=1616166493826&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616166493369.1032061824&it=1616166493174&coo=false&rqm=GET

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10a:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Mar 2021 15:08:13 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
55 B 36ms
36ms Other
text/plain 2a03:2880:f10a:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10a:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryy0QMBhggCIhb1HUS

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 19 Mar 2021 15:08:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ Frame 54AB 20 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448935

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e05e17c22842f1c19fd3c7c12aec5d1ffb58bf43baf91625f23b436f28d9dc50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 20:41:02 GMT
server: sffe
age: 2748
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6159
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:12:25 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/am=AgIB/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=... Frame 54AB 143 KB
51 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/am=AgIB/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=ABXTjI7CMLSSpC9KqKW4y0TfcXMKUqVFeQ/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed704a2787cc242f7c36e52aa6b25d1486a15e957e700e662b4c894542a5e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 21:58:19 GMT
server: sffe
age: 69207
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51731
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:54:46 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 54AB 21 KB
21 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448935

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 70007
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:26 GMT

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 533E 27 KB
5 KB 39ms
36ms Stylesheet
text/css 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01745476fa67ef15daf1d7cae8abfc2915ea63f772b45d62d8dbb3aad4e3283e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2063
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b6dc00004dd64e3e2000000001
wn: prod-dash-10-0-116-128
last-modified: Tue, 16 Mar 2021 15:03:08 GMT
server: cloudflare
etag: W/"27158-1615906988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 63279d6afb954dd6-FRA
expires: Fri, 19 Mar 2021 17:08:13 GMT

GET
H2 200 loadTranslationMap Show response
buy.tinypass.com/checkout/general/ Frame 533E 23 KB
4 KB 30ms
28ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/general/loadTranslationMap?aid=lGr3ciYmC7&version=1507726683000&language=en_US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9e5463af27d51fa85b075910f65558ea33f7f276d31126e331d33e4c9e28c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 1036
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b6dc00004dd62297e000000001
x-request-id: Cx818qqAOyf
pragma
wn: prod-dash-10-0-129-16
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 63279d6afb974dd6-FRA
expires: Sat, 20 Mar 2021 15:08:13 GMT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 533E 46 KB
9 KB 48ms
46ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.122.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af05ca0ea00d14b415f5c71727fca80eae8320703bc2053814e17f9262f0683

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 16475
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b6dc00004dd619274000000001
wn: prod-dash-10-0-131-128
last-modified: Thu, 18 Mar 2021 11:31:48 GMT
server: cloudflare
etag: W/"47215-1616067108000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400
cf-ray: 63279d6afb984dd6-FRA
expires: Sat, 20 Mar 2021 15:08:13 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 533E 355 KB
115 KB 39ms
37ms Script
text/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.122.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bab3e3be3f151e604757f54c35b5627db9bc4e327b6194d6f6194d005eb253d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=.donate-message&templateId=OTPYFTHRYYY6&templateVariantId=OTVCGKCVEQAP2&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2Ry27CMBBF_8VrLNkOzsO7hAaK6INXQ8POOAO4NSEkDkSq-u8llLaq1EVnN7rnjmbuvCGpMySQGZSO0umu56EOKuQGEg2nYaswwigmDqYBpi4mPqYOZg7FTbPgYROr0ZK9RP2bEwbJCWOwAs75WqnAzzKPucE6cAgPqLs6D4amgFJDruAyOn6OnmacRw_dKPmlxg2o2up9fsGoTzjxNpQSTM7FarYiNVTWFMY4rn841MX29Zc_VN_mars_zWFXGGlhek_pLCTD3iidtXduZfUlIWHLGjrIXvuL93E-Tvvz22mapi760RJZapnbK5L0BqNeEk_CMTszSu4KqTd5hUReG9NBR13pT_SI_47SwVoFMSivP7-bGBsuF_-JUhftbyShorv2BQ2Y4F3aFaJdoq6gDDeQ2zOSnVS7ujVIUJe6jDM_cN4_AHua6gn3AQAA&experienceId=EXBUS55BN4BV&widget=offer&tbc=%7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9&iframeId=offer-1-9JbPU&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&tags=articlepage&pageViewId=2021-03-19-16-08-13-231-xxW5AxEcKZ2jBFDw-ea5022ebe555fcc98dd7269f9305916b&visitId=v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=620&_qh=5b724e6794
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2033
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b6dc00004dd62631d000000001
wn: prod-dash-10-0-139-233
last-modified: Thu, 18 Mar 2021 22:02:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=602767
x-optimized-by: _sam
cf-ray: 63279d6afb994dd6-FRA
expires: Fri, 26 Mar 2021 14:34:20 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 533E 7 KB
769 B 44ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat|Roboto:400,500,700&subset=cyrillic

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df802355461f0d1e33a9504bae10944b4995680f09655320b2c21609858e7407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:35:02 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 533E 4 KB
1 KB 43ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,500&display=swap

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00b093efd11f9727aa2b663b576127e84e391b0f1dcd0826036fcded4d155a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:32:03 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H3-Q050 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L... Frame 54AB 36 KB
14 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/am=AgIB/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=ABXTjI7CMLSSpC9KqKW4y0TfcXMKUqVFeQ/m=_b,_tp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebfd8d7c3108f20e4041ba16192da260a3a28227278ad03aabaca802332cdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 21:58:19 GMT
server: sffe
age: 62961
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13529
x-xss-protection: 0
expires: Fri, 18 Mar 2022 21:38:52 GMT

POST
H/1.1 200
OK GetInContentInfo Show response
content.carambo.la/ 3 KB
1 KB 238ms
237ms Fetch
text/html 54.81.163.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.carambo.la/GetInContentInfo
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.163.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-163-28.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9d0a9f5c175745f018b0b57ff220459019364dc70f41e76d18b9aec7752b07f9

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:15 GMT
Content-Encoding: deflate
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://www.thelocal.de
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1125
Expires: -1

OPTIONS
H/1.1 200
OK GetInContentInfo
content.carambo.la/ Frame 0
0 508ms
119ms Preflight 54.81.163.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.carambo.la/GetInContentInfo
Protocol: HTTP/1.1
Server: 54.81.163.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-163-28.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.thelocal.de
Cache-Control: no-cache
Date: Fri, 19 Mar 2021 15:08:09 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK GetInContentInfo Show response
content.carambo.la/ 3 KB
2 KB 221ms
221ms Fetch
text/html 54.81.163.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.carambo.la/GetInContentInfo
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.163.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-163-28.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8699dfed9acef7f739dc4134c11dbc949c43e3c2e34190c5182ca6a2db6fb5a9

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:10 GMT
Content-Encoding: deflate
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://www.thelocal.de
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1242
Expires: -1

OPTIONS
H/1.1 200
OK GetInContentInfo
content.carambo.la/ Frame 0
0 524ms
123ms Preflight 54.81.163.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.carambo.la/GetInContentInfo
Protocol: HTTP/1.1
Server: 54.81.163.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-163-28.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: https://www.thelocal.de
Cache-Control: no-cache
Date: Fri, 19 Mar 2021 15:08:14 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 0
Connection: keep-alive

GET
H3-Q050 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L... Frame 54AB 97 KB
33 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L.B1.O/am=AgIB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI7Q8P1_qyE-Q3OnZf7J6nKZHpH1rg/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc8080d30651a7effaa91db3b7370bdd3114922c93d6fa58b25410dabb7124f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 21:58:19 GMT
server: sffe
age: 62961
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33582
x-xss-protection: 0
expires: Fri, 18 Mar 2022 21:38:52 GMT

GET
H2 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame ADAF 218 KB
28 KB 31ms
30ms Stylesheet
text/css 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d561c8aab0a24f4d9b6465ebe9ee951a741d037870db7538be4df6232a4f852

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2057
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b71300004dd66e08d000000001
wn: prod-dash-10-0-88-44
last-modified: Tue, 16 Mar 2021 15:03:08 GMT
server: cloudflare
etag: W/"222791-1615906988000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 63279d6b5c1b4dd6-FRA
expires: Fri, 19 Mar 2021 17:08:13 GMT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame ADAF 46 KB
9 KB 21ms
20ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.122.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af05ca0ea00d14b415f5c71727fca80eae8320703bc2053814e17f9262f0683

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 16475
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b71300004dd64e3e7000000001
wn: prod-dash-10-0-131-128
last-modified: Thu, 18 Mar 2021 11:31:48 GMT
server: cloudflare
etag: W/"47215-1616067108000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400
cf-ray: 63279d6b5c1c4dd6-FRA
expires: Sat, 20 Mar 2021 15:08:13 GMT

GET
H2 200 H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA Show response
buy.tinypass.com/_sam/ Frame ADAF 549 KB
158 KB 39ms
38ms Script
text/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.122.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d538c8e8fc8844b0aed4e49ff156d86c90226cec8d1d003aa590fbe2db27bb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1546
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b71300004dd622982000000001
wn: prod-dash-10-0-84-86
last-modified: Thu, 18 Mar 2021 11:44:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=603254
x-optimized-by: _sam
cf-ray: 63279d6b5c1d4dd6-FRA
expires: Fri, 26 Mar 2021 14:42:27 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5C76 44 KB
2 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/162?wv=97&v=vd.1.60.5-785b23d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbb9f408670126fa8f1a4dee630d7b59d5928e6f8e2bcc8d042e9af33bd9a0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 15:00:07 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8BCD 44 KB
2 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbb9f408670126fa8f1a4dee630d7b59d5928e6f8e2bcc8d042e9af33bd9a0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:49:25 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:13 GMT

GET
H2 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 533E 2 KB
2 KB 15ms
15ms Image
image/png 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
cf-cache-status: HIT
age: 2063
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=60; includeSubDomains
content-length: 2177
cf-request-id: 08eca0b74a00004dd619b80000000001
wn: prod-dash-10-0-131-128
last-modified: Thu, 18 Mar 2021 11:44:54 GMT
server: cloudflare
etag: W/"2177-1616067894000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.001
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 63279d6bacc24dd6-FRA
expires: Fri, 19 Mar 2021 17:08:14 GMT

GET
DATA 200
OK truncated
/ Frame 533E 204 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 744ef5d57e9dec4dfeff24af9a6028cd68bf4e692f658c8f48279e472ee074b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5C76 4 KB
686 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/162?wv=97&v=vd.1.60.5-785b23d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:33:44 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5C76 2 KB
590 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/162?wv=97&v=vd.1.60.5-785b23d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3344b9fdf206fd3f0f57e0cf12885efa76a4bbe38899900b4723d4dac0d1f876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:38:56 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8BCD 4 KB
640 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:36:14 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8BCD 2 KB
590 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3344b9fdf206fd3f0f57e0cf12885efa76a4bbe38899900b4723d4dac0d1f876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:29:51 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 547ms
139ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 2_media.bin Show response
vid.connatix.com/08889ce6-b115-4237-98a7-87bd66adf41b/ Frame 37E0 575 B
710 B 74ms
25ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/08889ce6-b115-4237-98a7-87bd66adf41b/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1093076ee5ff629b879d72d5f5c274a38f888e4f21e1361ccfdb952465e7e8f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
age: 3767295
x-cache: MISS, HIT
content-length: 434
x-served-by: cache-bwi5127-BWI, cache-hhn4038-HHN
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 12:16:52 GMT
x-timer: S1616166494.187637,VS0,VE1
etag: "a315bf94a5d29afb8a6a80fc23459761"
vary: Accept-Encoding
content-type: application/octet-stream
via: 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame ADAF 4 KB
612 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,500

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

091945e32b213e13e70e14508982ad238767fcd1c74a92044addf5b6b2600b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:35:28 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H3-Q050 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 5C76 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a693ec553fed00d0a2992eb32b82b250e7c64ef7928c117d4c0949b62d4dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api-esp.piano.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:41:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:04:05 GMT
server: sffe
age: 332831
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19252
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:41:03 GMT

GET
H3-Q050 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 8BCD 19 KB
19 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a693ec553fed00d0a2992eb32b82b250e7c64ef7928c117d4c0949b62d4dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api-esp.piano.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:41:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:04:05 GMT
server: sffe
age: 332831
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19252
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:41:03 GMT

OPTIONS
H2 200 84
api-esp.piano.io/onsite/recdata/id/ Frame 0
0 150ms
150ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/onsite/recdata/id/84?story_url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4&pnespid=

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.thelocal.de
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b7fc000005bb67a85000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6ccc1605bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 84 Show response
api-esp.piano.io/onsite/recdata/id/ 60 B
523 B 187ms
187ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/onsite/recdata/id/84?story_url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4&pnespid=

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1b6346e3493a6df4413c16a82a50bc158916c0b128caf9048744c19cc33662

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b89200004abd5418a000000001
server: cloudflare
etag: W/"3c-5T+K11pKPF/LDAgxygX1RhuKHSc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelocal.de
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 63279d6dbc934abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 37E0 0
315 B 534ms
138ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 37E0 373 B
523 B 576ms
181ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 526dbb26f408af685b791fe62b0e53d666af31d9fe84fb40c4feb2b6fffc61cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 539ms
136ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/08889ce6-b115-4237-98a7-87bd66adf41b/ 30 KB
29 KB 28ms
27ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/08889ce6-b115-4237-98a7-87bd66adf41b/1_th.jpg?crop=850:478,smart&width=850&height=478&format=jpeg&quality=60&fit=crop
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4fff9adf26e9a1036f736376ac60818b70ec4ae5de414853f1a116ca6cee7a73

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
age: 100760
x-cache: HIT, HIT
fastly-io-info: ifsz=596147 idim=800x450 ifmt=png ofsz=30669 odim=800x450 ofmt=jpeg
fastly-stats: io=1
content-length: 29891
x-served-by: cache-dca17728-DCA, cache-hhn4047-HHN
access-control-allow-origin: *
x-timer: S1616166494.269664,VS0,VE1
etag: "BG9w7afWzueqfwmViIM7qZ1iXu4iEzPvTYEsbcEZeQY"
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1

OPTIONS
H2 200 86
api-esp.piano.io/onsite/recdata/id/ Frame 0
0 120ms
120ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/onsite/recdata/id/86?story_url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4&pnespid=

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.thelocal.de
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b831000005bb11142000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6d1c7b05bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 86 Show response
api-esp.piano.io/onsite/recdata/id/ 4 KB
2 KB 740ms
740ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/onsite/recdata/id/86?story_url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4&pnespid=

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a452a9cad9cb9dff8a39d2de3edcf52d6975e7cf53c491dbc35d66685eb1d285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b8a800004abd8a1b8000000001
server: cloudflare
etag: W/"11f3-fYQoYN0MGKPwXm9/eatvlOH0d3U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelocal.de
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 63279d6ddcd24abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 localization.svg
buy.tinypass.com/widget/dist/checkout/css/img/ Frame ADAF 889 B
585 B 43ms
42ms Image
image/svg+xml 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buy.tinypass.com/widget/dist/checkout/css/img/localization.svg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f88adf5feabb115fa35dd2ea8f232ec72c1e542b23d46c478e97735868d61df

Request headers

Referer: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Mar 2021 11:44:54 GMT
server: cloudflare
age: 102876
etag: W/"889-1616067894000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 63279d6d8fd24dd6-FRA
cf-request-id: 08eca0b87600004dd663341000000001
expires: Sat, 17 Jul 2021 15:08:14 GMT

GET
H2 200 fail-icon.png
buy.tinypass.com/widget/dist/checkout/css/img/ Frame ADAF 2 KB
2 KB 23ms
23ms Image
image/png 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
cf-cache-status: HIT
age: 2057
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=60; includeSubDomains
content-length: 2177
cf-request-id: 08eca0b87700004dd6842df000000001
wn: prod-dash-10-0-113-134
last-modified: Thu, 18 Mar 2021 11:44:56 GMT
server: cloudflare
etag: W/"2177-1616067896000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 63279d6d8fd54dd6-FRA
expires: Fri, 19 Mar 2021 17:08:14 GMT

POST
H3-Q050 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 54AB 224 B
292 B 36ms
36ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-4585682546935369491&bl=boq_subscribewithgoogleclientserver_20210317.13_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=58095&rt=c

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37abd326c023146c1fbee1581bf625e61d25f6002ffe1a2098bdb797c2462451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L... Frame 54AB 46 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L.B1.O/am=AgIB/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI7Q8P1_qyE-Q3OnZf7J6nKZHpH1rg/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcf6c776146cfb3953cb6bf3ab398999638e45f0158db22d57e5a7737d37a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 21:58:19 GMT
server: sffe
age: 62962
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17660
x-xss-protection: 0
expires: Fri, 18 Mar 2022 21:38:52 GMT

GET
H3-Q050 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L... Frame 54AB 236 B
188 B 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L.B1.O/am=AgIB/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI7Q8P1_qyE-Q3OnZf7J6nKZHpH1rg/m=lwddkf

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 21:58:19 GMT
server: sffe
age: 62962
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 18 Mar 2022 21:38:52 GMT

GET
H3-Q050 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L... Frame 54AB 796 B
475 B 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.oZdUmJOz1_o.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.q-CTD6cFMyg.L.B1.O/am=AgIB/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,lwddkf,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI7Q8P1_qyE-Q3OnZf7J6nKZHpH1rg/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

860da1a0889dc7f3d6b5b0238d0dc1ddbeb2b608936540d2520440881e97a6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 21:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 21:58:19 GMT
server: sffe
age: 62962
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 18 Mar 2022 21:38:52 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
60 B 36ms
35ms Other
text/plain 2a03:2880:f10a:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10a:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBZegYV5hK4sJnUBA

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 19 Mar 2021 15:08:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

OPTIONS
H2 200 log
api.tinypass.com/api/v3/anon/error/ Frame 0
0 207ms
183ms Preflight
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tinypass.com/api/v3/anon/error/log

Protocol

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ng-request,piano-request-without-spinner,x-requested-with
Origin: https://buy.tinypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-type: application/json
content-length: 37
access-control-allow-headers: ng-request,piano-request-without-spinner,x-requested-with
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.001
strict-transport-security: max-age=60; includeSubDomains
wn: prod-dash-10-200-69-26
x-forwarded-https: on
x-request-id: Cq128qqiLuj
cf-cache-status: DYNAMIC
cf-request-id: 08eca0b8c800002c2e2b360000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d6e0fdc2c2e-FRA

POST
H2 200 log Show response
api.tinypass.com/api/v3/anon/error/ Frame ADAF 56 B
275 B 161ms
161ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tinypass.com/api/v3/anon/error/log

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.122.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac0931e09c53c9dc8bd7ecc853fdaae420bfb9ac7d237074da4a809ccdbb998

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0b97f00002c2e68877000000001
x-request-id: Cq128qqneHP
pragma: no-cache
wn: prod-dash-10-0-132-118
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 63279d6f395c2c2e-FRA
expires: 0

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame ADAF 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 333635
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:27:39 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
285 B 154ms
154ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nyvw0&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 122
pragma: no-cache
last-modified: Fri, 19 Mar 2021 15:08:14 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 089ec4f5c0732a27b54115f444011ed0
x-transaction: 0075e48e0039d383
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame ADAF 1 KB
1 KB 435ms
435ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf598540a493639117ab1a567971f6b68719dc22efc48c14f5a66efba3e92df

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=.login-box&templateId=OTU6M3FSD4MZ&templateVariantId=OTVN7R7RXGJUZ&offerId=OF5GTA24P5VH&formNameByTermId=%7B%7D&showCloseButton=false&experienceId=EX8P88MXOZPZ&widget=offer&iframeId=offer-0-drfCY&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=lGr3ciYmC7&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&width=350&_qh=c55003e6cf
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
x-xss-protection: 0
x-request-id: Cq128qqPR4J
pragma: no-cache
wn: prod-dash-10-0-114-143
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-request-id: 08eca0b8bf00004dd6399a7000000001
cf-ray: 63279d6df8a44dd6-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame 54AB 131 B
506 B 62ms
42ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:14 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
38ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Mar 2021 15:08:14 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Mar 2021 15:08:14 GMT
cache-control: private

POST
H3-Q050 200 log Show response
play.google.com/ Frame 54AB 131 B
223 B 76ms
44ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:14 GMT

POST
H3-Q050 200 log Show response
play.google.com/ Frame 54AB 131 B
615 B 75ms
43ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:14 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 45ms
38ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Mar 2021 15:08:14 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Mar 2021 15:08:14 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
38ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Mar 2021 15:08:14 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Mar 2021 15:08:14 GMT
cache-control: private

POST
H3-Q050 200 log Show response
play.google.com/ Frame 54AB 131 B
223 B 76ms
43ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H2 200 init-9259iyeamdzdwmu8a9f.js Show response
api.fouanalytics.com/api/ 0
709 B 187ms
171ms Script
text/javascript 2606:4700:e4::ac40:a002
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-9259iyeamdzdwmu8a9f.js?pid=640463867&domainId=2164&pvid=1903211608139289317&platform=3&wid=2
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=waDzAU8CwEbkMwkcg6vg7hImOEMgtO0KM7rqgVDgDAjmgLdd2gQbCkQbLGRlZi56Vgkf4fvyzFgrPbP%2FA8covsHdIwAF2%2BojkjiGN61aHXUOw8lYrGCWZ%2BKWcdjzaTSNhg%3D%3D"}],"max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63279d6fff822b65-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0b9fb00002b6568a10000000001
expires: -1

POST
H/1.1 200
OK SetPageRequestGeo Show response
analytics.carambo.la/ 35 B
332 B 492ms
126ms Fetch
application/json 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetPageRequestGeo
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash: a3b59cf3c15a5896f4224c367d24e647fe14e411b8024dcc87aa37783e0cf110

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:14 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.thelocal.de
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
Expires: -1

GET
H3-Q050 200 css
fonts.googleapis.com/ 8 KB
734 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,300,700,400

Requested by

Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:39:00 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

POST
H/1.1 200
OK GetAds Show response
xtr.carambo.la/ 7 KB
2 KB 501ms
122ms Fetch
text/html 3.226.154.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xtr.carambo.la/GetAds
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.154.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 95d5b200b8d23c371953a09f1a490d46b1a938b7991cb8ca3cd089cb8a57fa75

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:13 GMT
Content-Encoding: deflate
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1812
Expires: -1

GET
H2 200 cbola_layer_152.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/container/layer_152/ 66 KB
13 KB 27ms
27ms XHR
text/javascript 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/container/layer_152/cbola_layer_152.min.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEB) /
Resource Hash: bc6fb0ce59f27a611b139641dcf8bb0852f28bd09973a8afc32e1aca5b37139d

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7623805
x-cache: HIT
content-length: 12852
x-amz-id-2: vgU+rm3JyMEjJlzmKGZ1PPqSuqzlMc6GhpTg6fIt0BvGeVspqSneiR+BoLZ3scoa6nrZFHU0lZQ=
last-modified: Mon, 21 Dec 2020 09:02:54 GMT
server: ECS (mil/6CEB)
etag: "3f47a47dedf8498405556e6e789dbf94+gzip"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 3E29CEAF7D12E226
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 init-9259iyeamdzdwmu8a9f.js Show response
api.fouanalytics.com/api/ 0
292 B 168ms
168ms Script
text/javascript 2606:4700:e4::ac40:a002
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-9259iyeamdzdwmu8a9f.js?pid=154432158&domainId=2164&pvid=1903211608139289317&platform=3&wid=0
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a002 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xuqTodUiFOPJhknkHP0R69eVS63JPh8FOdMvql2pxjgqXR3rRgu7HcNiS5RnYJFloBxVBkQr2Yhp%2Bimwk4xQOSPkUMBAk5fVgKwSWDfGOQRsBh1y9zqnFtl2YUjCdIsePg%3D%3D"}],"max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63279d700f982b65-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0ba0700002b6566b1d000000001
expires: -1

POST
H/1.1 200
OK SetPageRequestGeo Show response
analytics.carambo.la/ 35 B
332 B 490ms
130ms Fetch
application/json 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetPageRequestGeo
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash: a3b59cf3c15a5896f4224c367d24e647fe14e411b8024dcc87aa37783e0cf110

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:15 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.thelocal.de
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
Expires: -1

GET
H3-Q050 200 css
fonts.googleapis.com/ 20 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,600,300,700,800

Requested by

Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:35:28 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 6 KB
663 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:500,600,300,700,400

Requested by

Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

deddc2d99e04395e282e14fa4eac9106e4e879a6eee372c6077b5d71e408bd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:46:40 GMT
server: ESF
date: Fri, 19 Mar 2021 15:08:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H2 200 27351_2_4.jpg
media.carambo.la/Images/ 33 KB
33 KB 31ms
30ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/27351_2_4.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF3) /
Resource Hash: 4b2663d1b6ab47cc12dc010b0e3ae1af14a3001bcabc890404d0e66206cee6d8

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Tue, 20 Mar 2018 09:44:10 GMT
server: ECS (mil/6CF3)
age: 49772878
etag: "604aad08079decd4ba2f243925e78763"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
x-amz-request-id: FA75FF3DE23D0B9C
x-cache: HIT
accept-ranges: bytes
content-length: 33280
x-amz-id-2: Dbo3+l96Xv76BVsIZGnEd6IoownCnvHoAjY/c12HPhuUBfh9K3ZK6jxmpEQTw51eFNXF2bPZIcY=

GET
H2 200 cbolaSprite.png
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/css/assets/ 23 KB
23 KB 27ms
27ms Image
image/png 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/css/assets/cbolaSprite.png
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDE) /
Resource Hash: 77ae69cda02c889ca874d3a9247720d1c32b653d54b8c5c8fc78f8b82e81288f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Mon, 21 Dec 2020 09:03:03 GMT
server: ECS (mil/6CDE)
age: 7623807
etag: "5d9f6257c16e8e89a8ead1a2890530d4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
x-amz-request-id: 4B89E1C95F8F2789
x-cache: HIT
accept-ranges: bytes
content-length: 23766
x-amz-id-2: s5hofPgCQrnFLuQzwApLfJsKbAn79DLGwPRnnaT2Dcw8Fbxi1G8L/BYxg4+lD29cwZacnryPCrA=

POST
H/1.1 204
No Content SetPageElementsRequestNew
analytics.carambo.la/ 0
0 465ms
118ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetPageElementsRequestNew
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:14 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

POST
H/1.1 200
OK GetAds Show response
xtr.carambo.la/ 9 KB
2 KB 479ms
126ms Fetch
text/html 3.226.154.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xtr.carambo.la/GetAds
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.154.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d960e87573e2f0cd823cee70ee932bfcf96f5ff1b08e6223ae1c290646fd6aca

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:14 GMT
Content-Encoding: deflate
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1977
Expires: -1

POST
H/1.1 204
No Content SetEvent
analytics.carambo.la/ 0
0 491ms
123ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetEvent
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:14 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300,700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 332187
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300,700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 155743
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,300,700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 333635
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,600,300,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:03:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 11066
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14932
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:03:48 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,600,300,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 334362
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:15:32 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,600,300,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 00:24:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 139438
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Fri, 18 Mar 2022 00:24:16 GMT

GET
H3-Q050 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:500,600,300,700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:37:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
age: 145845
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:37:29 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,600,300,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thelocal.de
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 133445
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:04:09 GMT

GET
H2 200 cbolaSprite.png
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/css/assets/ 23 KB
23 KB 27ms
27ms Image
image/png 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/css/assets/cbolaSprite.png
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDE) /
Resource Hash: 77ae69cda02c889ca874d3a9247720d1c32b653d54b8c5c8fc78f8b82e81288f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Mon, 21 Dec 2020 09:03:03 GMT
server: ECS (mil/6CDE)
age: 7623807
etag: "5d9f6257c16e8e89a8ead1a2890530d4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
x-amz-request-id: 4B89E1C95F8F2789
x-cache: HIT
accept-ranges: bytes
content-length: 23766
x-amz-id-2: s5hofPgCQrnFLuQzwApLfJsKbAn79DLGwPRnnaT2Dcw8Fbxi1G8L/BYxg4+lD29cwZacnryPCrA=

GET
H2 200 cbolaIcons.woff
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/css/fonts/ 4 KB
4 KB 27ms
26ms Font
application/octet-stream 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/css/fonts/cbolaIcons.woff?phtwnv
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: c85a8e7c2d1d0583578b2afd3a1ce469797bfa5c9d5598cba25f51f839348ec8

Request headers

Origin: https://www.thelocal.de
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Mon, 21 Dec 2020 09:02:55 GMT
server: ECS (mil/6CF8)
age: 7623807
etag: "dae3eb8c820d3bbb16a17610dece1c88"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
x-amz-request-id: 87230C984A84672B
x-cache: HIT
accept-ranges: bytes
content-length: 3832
x-amz-id-2: Q4FZNdalxNRNY7uXGVpPwkGNbHat/g5jem8c7dA8M7m6YgtOaENeYd7xJJewsc49rWfMVJ92mbc=

POST
H/1.1 204
No Content SetPageElementsRequestNew
analytics.carambo.la/ 0
0 470ms
118ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetPageElementsRequestNew
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:14 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 12440_3_10.jpg
media.carambo.la/Images/ 21 KB
22 KB 29ms
29ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/12440_3_10.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: b8240c52015bf2d021c19c3882628a79e21ed4743daef9fcdfb9ada666f9cd35

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Thu, 11 May 2017 11:14:25 GMT
server: ECS (mil/6CEC)
age: 295492
etag: "a2cd24011cda820f9fb31f563ee37313"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-request-id: TJ2W9KAZSSWE5SMM
x-cache: HIT
accept-ranges: bytes
content-length: 21825
x-amz-id-2: MwkLC1O7Tyeu/RC97G6vaNYS8mIauMM8/xHKxRL5DZJBB9NGIXwqZF42Ljo77voNao9Md/4rrfs=

GET
H2 200 14091_3_10.jpg
media.carambo.la/Images/ 18 KB
18 KB 31ms
31ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/14091_3_10.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 89386f0a3d9126245e5398245fccddb4c78a08e72cefd15955cd283e22d81559

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Thu, 11 May 2017 11:08:46 GMT
server: ECS (mil/6CE4)
age: 338474
etag: "d64bf9c57920f7999e2a19e4ce72a928"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-request-id: 12BTAHR2X95ZW4SG
x-cache: HIT
accept-ranges: bytes
content-length: 18512
x-amz-id-2: g9O2jvhVE3XqPbS0hTICnBC/mU908iL0yukwZzaNJFY7DstzbC22MlhcmvGx170AqJCkhWBtnuc=

GET
H2 200 8965_3_10.jpg
media.carambo.la/Images/ 12 KB
12 KB 33ms
33ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/8965_3_10.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEA) /
Resource Hash: 191e7366d6cce973320b4d7e247e3e0bd8b1d5605b2f0d112979e315540da540

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Thu, 11 May 2017 11:13:31 GMT
server: ECS (mil/6CEA)
age: 102270
etag: "c539235333eac02cb5658273d53a412a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-request-id: 89Y4DMBZ4ZPHG0G1
x-cache: HIT
accept-ranges: bytes
content-length: 12374
x-amz-id-2: CGPh3XCWe+3uh79LWutvoZRcajFLDP9gG7fPhivXfVvrpP8cHK3LE31Y/eLkDUuxHW08gScA7gg=

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 37E0 330 KB
114 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ Frame 37E0 7 B
249 B 35ms
12ms XHR
text/xml 2a02:26f0:1700:59a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=5df8c8b028a061081675d741&AV_URL=&cb=9c0136ab1616166494884&AV_WIDTH=850&AV_HEIGHT=478
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:14 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://www.thelocal.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7
expires: Fri, 19 Mar 2021 15:08:14 GMT

GET
H2 200 12440_3_10.jpg
media.carambo.la/Images/ 21 KB
21 KB 29ms
29ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/12440_3_10.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: b8240c52015bf2d021c19c3882628a79e21ed4743daef9fcdfb9ada666f9cd35

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Thu, 11 May 2017 11:14:25 GMT
server: ECS (mil/6CEC)
age: 295492
etag: "a2cd24011cda820f9fb31f563ee37313"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-request-id: TJ2W9KAZSSWE5SMM
x-cache: HIT
accept-ranges: bytes
content-length: 21825
x-amz-id-2: MwkLC1O7Tyeu/RC97G6vaNYS8mIauMM8/xHKxRL5DZJBB9NGIXwqZF42Ljo77voNao9Md/4rrfs=

GET
H2 200 14091_3_10.jpg
media.carambo.la/Images/ 18 KB
18 KB 29ms
29ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/14091_3_10.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 89386f0a3d9126245e5398245fccddb4c78a08e72cefd15955cd283e22d81559

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Thu, 11 May 2017 11:08:46 GMT
server: ECS (mil/6CE4)
age: 338474
etag: "d64bf9c57920f7999e2a19e4ce72a928"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-request-id: 12BTAHR2X95ZW4SG
x-cache: HIT
accept-ranges: bytes
content-length: 18512
x-amz-id-2: g9O2jvhVE3XqPbS0hTICnBC/mU908iL0yukwZzaNJFY7DstzbC22MlhcmvGx170AqJCkhWBtnuc=

GET
H2 200 8965_3_10.jpg
media.carambo.la/Images/ 12 KB
12 KB 30ms
30ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/8965_3_10.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEA) /
Resource Hash: 191e7366d6cce973320b4d7e247e3e0bd8b1d5605b2f0d112979e315540da540

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:14 GMT
last-modified: Thu, 11 May 2017 11:13:31 GMT
server: ECS (mil/6CEA)
age: 102270
etag: "c539235333eac02cb5658273d53a412a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-request-id: 89Y4DMBZ4ZPHG0G1
x-cache: HIT
accept-ranges: bytes
content-length: 12374
x-amz-id-2: CGPh3XCWe+3uh79LWutvoZRcajFLDP9gG7fPhivXfVvrpP8cHK3LE31Y/eLkDUuxHW08gScA7gg=

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame FC24 576 KB
188 KB 41ms
21ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 14 Mar 2021 13:29:38 GMT
expires: Mon, 14 Mar 2022 13:29:38 GMT
last-modified: Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 437917
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 37E0 44 KB
17 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:15 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4644 36 KB
12 KB 27ms
25ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2449
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:27:26 GMT

GET
H2 200 logEspMicroConversion Show response
api-v3.tinypass.com/api/v3/conversion/ 80 B
308 B 122ms
121ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v3.tinypass.com/api/v3/conversion/logEspMicroConversion?tracking_id=%7Bjcx%7DH4sIAAAAAAAAAI2Ry26DMBRE_8XrWLJNzGtHWoiitFIa0TzYGXMhTnkJm4JU9d9LorZRpC56l3NmZjH3AwmVIR-Vy86S6lg9OGiGWlHATsGwuhBGGMXEwtTD1MbExdTCzKJ4HPc8GEO5Tth5ET0OGAQnjEEKnPNcSs_NMofZXu5ZhHvUTqdiGFvoFNQSrtXhgcZLO1lF2-fNHQ1HkL1RTX21UZdw4hSUEkymYz1LSQ86VW9ZmTKuDS3OzV0-kL9hfWqGULdbkE1VQZ2JC9GL3asbrLeL4_GQbKJ4Cp-EjqFqS2EA-bkoNcyQ-RYuRXVfljdlJzolanMDUlStUEWtf4R3pdWVo3f894QWVtILQTpR_PRSmiDZ_2dC1V5-Igj157nrU4_5fE7nvs8m1mvoggJqM1myQU6KMSXyqU1txpnrWZ9fVgxyNO8BAAA&esp_widget_id=164&event_type=EXTERNAL_EVENT&event_group_id=init&custom_params=&callback=jQuery11240142392920609403_1616166493163&_=1616166493165

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca29a3f2f07fc3b4526732694f324dfe9dd743e279398aed4d4c1d772a8c285

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 08eca0bb9400004d89f6301000000001
x-request-id: Cr128qqVJAi
pragma: no-cache
wn: prod-api-10-0-91-58
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63279d728bb64d89-FRA
expires: 0

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8BCD 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Open+Sans:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api-esp.piano.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 332188
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H2

200

rsz_235752097.jpg
apiwp.thelocal.com/wp-content/uploads/2021/03/ Frame 8BCD
Redirect Chain

https://api-esp.piano.io/-s/iz7eSngBrjsH5cgqB2-P
https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235752097.jpg

98 KB
98 KB

121ms
68ms

Image
image/jpeg

35.244.146.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235752097.jpg

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.146.207 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

shield /

Resource Hash

a7bffb3b80261b00e4692dd90aa355eb1108885764feea84fbe43cae6011ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 13:22:00 GMT
server: shield
etag: "1876b-5bde399e58113"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 82bac57093b60e21876d0edb9911167b
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 100203

Redirect headers

date: Fri, 19 Mar 2021 15:08:15 GMT
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105
cf-request-id: 08eca0bb9e00004abd5317c000000001
server: cloudflare
location: https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235752097.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: api-esp.piano.io
vary: Accept
access-control-allow-credentials: true
cf-ray: 63279d729c764abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2

200

Maskenpflicht.jpg
apiwp.thelocal.com/wp-content/uploads/2021/03/ Frame 8BCD
Redirect Chain

https://api-esp.piano.io/-s/wxkBSngBHgSt8voY9Wcq
https://apiwp.thelocal.com/wp-content/uploads/2021/03/Maskenpflicht.jpg

209 KB
209 KB

117ms
71ms

Image
image/jpeg

35.244.146.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apiwp.thelocal.com/wp-content/uploads/2021/03/Maskenpflicht.jpg

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.146.207 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

shield /

Resource Hash

6ab6973be39cb0972c545bb35bafd11c4d61d38bc9d5624a9f185c3a43d9f500

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 10:03:12 GMT
server: shield
etag: "3432c-5bde0d2eb0e08"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 5a060067841483fc931221f0c366ce31
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 213804

Redirect headers

date: Fri, 19 Mar 2021 15:08:15 GMT
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105
cf-request-id: 08eca0bba000004abd880d8000000001
server: cloudflare
location: https://apiwp.thelocal.com/wp-content/uploads/2021/03/Maskenpflicht.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: api-esp.piano.io
vary: Accept
access-control-allow-credentials: true
cf-ray: 63279d729c7a4abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2

200

rsz_235814521.jpg
apiwp.thelocal.com/wp-content/uploads/2021/03/ Frame 8BCD
Redirect Chain

https://api-esp.piano.io/-s/9bVwSngBAxj7yXN9EJdL
https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235814521.jpg

418 KB
418 KB

91ms
33ms

Image
image/jpeg

35.244.146.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235814521.jpg

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.146.207 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

shield /

Resource Hash

599896f4170d7de5bbded85c96263e5b350c6069f99a66ae2d49a9d3994dc504

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 11:10:32 GMT
server: shield
etag: "686cc-5bde1c3b61fdb"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 80e34e6ca34c46ef52ec14afd979e8c7
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 427724

Redirect headers

date: Fri, 19 Mar 2021 15:08:15 GMT
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105
cf-request-id: 08eca0bb9f00004abdc1956000000001
server: cloudflare
location: https://apiwp.thelocal.com/wp-content/uploads/2021/03/rsz_235814521.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: api-esp.piano.io
vary: Accept
access-control-allow-credentials: true
cf-ray: 63279d729c7b4abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2

200

merkelspahn.jpg
apiwp.thelocal.com/wp-content/uploads/2021/03/ Frame 8BCD
Redirect Chain

https://api-esp.piano.io/-s/QUtwSngBDDgI0gS1ENFP
https://apiwp.thelocal.com/wp-content/uploads/2021/03/merkelspahn.jpg

271 KB
271 KB

123ms
67ms

Image
image/jpeg

35.244.146.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apiwp.thelocal.com/wp-content/uploads/2021/03/merkelspahn.jpg

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/publisher/bekose/164?wv=96&v=vd.1.60.5-785b23d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.146.207 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

shield /

Resource Hash

48d1f942045a6ba60b6cab826fb8e0ec3dcbda8acbc17e560817ed481ed8f38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 11:45:55 GMT
server: shield
etag: "43a76-5bde2423e7d33"
x-frame-options: SAMEORIGIN
content-language: en-GB
x-shield-request-id: 8b148ae41b2b9e700e967baeb47f1ad4
cache-control: max-age=2592000, public
strict-transport-security: max-age=2592000;
accept-ranges: bytes
content-type: image/jpeg
alt-svc: clear
content-length: 277110

Redirect headers

date: Fri, 19 Mar 2021 15:08:15 GMT
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103
cf-request-id: 08eca0bb9f00004abd78a91000000001
server: cloudflare
location: https://apiwp.thelocal.com/wp-content/uploads/2021/03/merkelspahn.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: api-esp.piano.io
vary: Accept
access-control-allow-credentials: true
cf-ray: 63279d729c7c4abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

POST
H2 200 w_shown Show response
api-esp.piano.io/tracker/lucid/event/61/164/ 39 B
217 B 188ms
187ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/event/61/164/w_shown?src_story=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&visitor=vlfdyrni4annguu4

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=15724800; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eca0bc3a00004abda703a000000001
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelocal.de
vary: Accept-Encoding, X-HTTP-Method-Override
access-control-allow-credentials: true
cf-ray: 63279d738dd14abd-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H2 200 w_shown
api-esp.piano.io/tracker/lucid/event/61/164/ Frame 0
0 136ms
136ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thelocal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.thelocal.de
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 08eca0bbb5000005bb35a9b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63279d72bcef05bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 prebid.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/external/ 258 KB
82 KB 27ms
27ms XHR
text/javascript 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/external/prebid.min.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEE) /
Resource Hash: b24d477df88c167b18b95ea02b6c9223962e69cd767a9c19648011cc64bbe14d

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7623807
x-cache: HIT
content-length: 83282
x-amz-id-2: iOhV0j9/PmXCsAYXRA+wlPVyRV6VzNr5va07fIFvhoWIEgfLZKgO8OVr8MhdVwiQIIS3E5uWUQU=
last-modified: Mon, 21 Dec 2020 09:02:55 GMT
server: ECS (mil/6CEE)
etag: "0abadea01d2545251211a3c2f123a768+gzip"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 2T4V7Q1H4K4K9W7G
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 37E0 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FC24 156 B
625 B 153ms
152ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1774138%2Fse_highlights_midroll&description_url=http%3A%2F%2Fthelocal.de&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1439959435264912&sdkv=h.3.447.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1517408555&sdk_apis=2%2C8&sid=EF223DCA-499C-4A92-B425-68644FB7F2E3&eid=44733378&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&dlt=1616166492889&idt=2213&dt=1616166495532&cookie_enabled=1&scor=2589063965349390&ged=ve4_td3_tt1_pd3_la3000_er4176.200.4329.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
itp.thelocal.com/ 0
239 B 65ms
20ms XHR
text/plain 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itp.thelocal.com/?maxAge=2628000
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://www.thelocal.de
access-control-allow-credentials: true
cf-ray: 63279d7db9c3bee2-FRA
content-length: 0
cf-request-id: 08eca0c2940000bee256002000000001

GET
H2 200 protobuf.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/external/ 69 KB
21 KB 28ms
28ms XHR
text/javascript 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.31.1/external/protobuf.min.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: 04b075859121bd8bae2825f760da6f0a2f0a5e9c7755370a55d51c961e41354c

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7623809
x-cache: HIT
content-length: 21221
x-amz-id-2: rpPIGjQx7/DBkjDDcHndTJRS0zBfkq1leB2edbh4/wgnAtiJBb4jfTkROtz1GWNQc8BLWtcPKag=
last-modified: Mon, 21 Dec 2020 09:02:57 GMT
server: ECS (mil/6CF8)
etag: "0b2aa9f2e7a587c31a287a8c3cdc3acd+gzip"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 2D1765536BA77C8A
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/carambola/ Frame 3492 38 KB
12 KB 107ms
47ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blacklist_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0208fb9ca0668efd9bbbd9fe13fc856bb48fb6443f7175198a1c71ed4bebdf55

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MRfAsEZn7e_QNGKitEkvxHHado3VotgE
content-encoding: gzip
etag: "b351f439dd75855375451e43a4f8e4bc"
age: 2254
x-cache: Hit from cloudfront
content-length: 12059
x-amz-meta-git_commit: ced24d7
last-modified: Thu, 18 Mar 2021 19:33:11 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 14:30:44 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: tzpegIiffdnEq1bGgYl_yCtV5_xY4M12u_8I_iFTetn8wGr7uVicQA==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/carambola/ Frame 3492 63 KB
21 KB 107ms
47ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blocking_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3b5eac0164671285c0a6e2fd8a0e6dc9ea71f00aab9959a34e927a5e6f5e68

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uz1j5ck1P_w0yf6aVEu_nBY2rTl5HDXn
content-encoding: gzip
etag: "5af2bf76d6df13b180b1a515fb477916"
age: 51605
x-cache: Hit from cloudfront
content-length: 21404
x-amz-meta-git_commit: 9a4f7ce
last-modified: Wed, 26 Aug 2020 17:36:02 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 00:48:18 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: O5AeIgE38qL6XeNnWj6mVCzXfw6VaA2iMrl5y4dMrNZ9S2Uw7xsvjQ==

GET
H2 200 jstag Show response
carambola-d.openx.net/w/1.0/ Frame 3492 66 KB
23 KB 96ms
42ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/jstag
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 94925faf63d0b41fc71eb47ba76f98fbb14c058f817da9545050f74fb4c46596

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:17 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 23404
expires: Fri, 19 Mar 2021 16:08:17 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 118ms
118ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:16 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/carambola/ Frame 782C 38 KB
12 KB 103ms
48ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blacklist_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0208fb9ca0668efd9bbbd9fe13fc856bb48fb6443f7175198a1c71ed4bebdf55

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MRfAsEZn7e_QNGKitEkvxHHado3VotgE
content-encoding: gzip
etag: "b351f439dd75855375451e43a4f8e4bc"
age: 2254
x-cache: Hit from cloudfront
content-length: 12059
x-amz-meta-git_commit: ced24d7
last-modified: Thu, 18 Mar 2021 19:33:11 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 14:30:44 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: aEaxlXiG39B-yDm71wcZDuJiM2Urbk3NjXAX-nzexYe9gi9yYMUCig==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/carambola/ Frame 782C 63 KB
21 KB 153ms
98ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blocking_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3b5eac0164671285c0a6e2fd8a0e6dc9ea71f00aab9959a34e927a5e6f5e68

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uz1j5ck1P_w0yf6aVEu_nBY2rTl5HDXn
content-encoding: gzip
etag: "5af2bf76d6df13b180b1a515fb477916"
age: 51605
x-cache: Hit from cloudfront
content-length: 21404
x-amz-meta-git_commit: 9a4f7ce
last-modified: Wed, 26 Aug 2020 17:36:02 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 00:48:18 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: xQRBXn7qOVpJpy7yxhCl7Gq6O9tjIBRaNlw-U1zWBSvmkRCmmYDU1g==

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame 782C 5 KB
3 KB 103ms
33ms Script
text/javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=423415&width=300&height=250
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:18 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 123ms
123ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:16 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/carambola/ Frame 99B6 38 KB
12 KB 98ms
47ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blacklist_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0208fb9ca0668efd9bbbd9fe13fc856bb48fb6443f7175198a1c71ed4bebdf55

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MRfAsEZn7e_QNGKitEkvxHHado3VotgE
content-encoding: gzip
etag: "b351f439dd75855375451e43a4f8e4bc"
age: 2254
x-cache: Hit from cloudfront
content-length: 12059
x-amz-meta-git_commit: ced24d7
last-modified: Thu, 18 Mar 2021 19:33:11 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 14:30:44 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Aj66yp0CPVw4p0N2C095BKfFS0OSiLSPe2se7Cg-ldVQcYJEPSgaVg==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/carambola/ Frame 99B6 63 KB
21 KB 98ms
48ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blocking_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3b5eac0164671285c0a6e2fd8a0e6dc9ea71f00aab9959a34e927a5e6f5e68

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uz1j5ck1P_w0yf6aVEu_nBY2rTl5HDXn
content-encoding: gzip
etag: "5af2bf76d6df13b180b1a515fb477916"
age: 51605
x-cache: Hit from cloudfront
content-length: 21404
x-amz-meta-git_commit: 9a4f7ce
last-modified: Wed, 26 Aug 2020 17:36:02 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 00:48:18 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: hHuw2EHhgXIWv4NGgKOmTiJA3xP12t5rHJzq-MLdmoCF4lAEYZK_IA==

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame 99B6 5 KB
3 KB 98ms
33ms Script
text/javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=423415&width=300&height=250
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:17 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 120ms
119ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:17 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/carambola/ Frame 2113 38 KB
12 KB 132ms
98ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blacklist_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0208fb9ca0668efd9bbbd9fe13fc856bb48fb6443f7175198a1c71ed4bebdf55

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MRfAsEZn7e_QNGKitEkvxHHado3VotgE
content-encoding: gzip
etag: "b351f439dd75855375451e43a4f8e4bc"
age: 2254
x-cache: Hit from cloudfront
content-length: 12059
x-amz-meta-git_commit: ced24d7
last-modified: Thu, 18 Mar 2021 19:33:11 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 14:30:44 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: h0z-Gnp2ohC8nDFmpb3j2xhxIsibyLiUmMjCzdhMci0n-3rF1Ea3Ww==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/carambola/ Frame 2113 63 KB
21 KB 82ms
47ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blocking_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3b5eac0164671285c0a6e2fd8a0e6dc9ea71f00aab9959a34e927a5e6f5e68

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uz1j5ck1P_w0yf6aVEu_nBY2rTl5HDXn
content-encoding: gzip
etag: "5af2bf76d6df13b180b1a515fb477916"
age: 51605
x-cache: Hit from cloudfront
content-length: 21404
x-amz-meta-git_commit: 9a4f7ce
last-modified: Wed, 26 Aug 2020 17:36:02 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 00:48:18 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: jb1l4YE-X2HdQ9kMXeGZf8tJuurE0Xy4xC2K8_hIR4tK7ZJURPfItQ==

GET
H2 200 jstag Show response
carambola-d.openx.net/w/1.0/ Frame 2113 66 KB
23 KB 66ms
38ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/jstag
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 6ed33f78c07eca4846c8eebd5ce4e572858d01cbb9529a4ca988e7e4975f981d

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:17 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 23405
expires: Fri, 19 Mar 2021 16:08:17 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 213ms
120ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:16 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/carambola/ Frame DCFC 38 KB
12 KB 73ms
47ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blacklist_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0208fb9ca0668efd9bbbd9fe13fc856bb48fb6443f7175198a1c71ed4bebdf55

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MRfAsEZn7e_QNGKitEkvxHHado3VotgE
content-encoding: gzip
etag: "b351f439dd75855375451e43a4f8e4bc"
age: 2254
x-cache: Hit from cloudfront
content-length: 12059
x-amz-meta-git_commit: ced24d7
last-modified: Thu, 18 Mar 2021 19:33:11 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 14:30:44 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: cFGixYz90CcL-LlJxN1y-1qjx5EuPrquf1wrZBcoMv9V3o7IcIoc0w==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/carambola/ Frame DCFC 63 KB
21 KB 72ms
47ms Script
application/javascript 13.225.74.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/carambola/blocking_script.js
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea3b5eac0164671285c0a6e2fd8a0e6dc9ea71f00aab9959a34e927a5e6f5e68

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uz1j5ck1P_w0yf6aVEu_nBY2rTl5HDXn
content-encoding: gzip
etag: "5af2bf76d6df13b180b1a515fb477916"
age: 51605
x-cache: Hit from cloudfront
content-length: 21404
x-amz-meta-git_commit: 9a4f7ce
last-modified: Wed, 26 Aug 2020 17:36:02 GMT
server: AmazonS3
date: Fri, 19 Mar 2021 00:48:18 GMT
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: mLnhNmOTTnDvd6GW7TFQQi7hGSXFJOHjr0LsWEWbNwrGklL0mll1HA==

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 217ms
123ms Fetch 52.3.188.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: route.carambo.la
URL: https://route.carambo.la/inimage/getlayer?pid=thlc94&did=112164&wid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.188.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-188-134.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:17 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 108 B
355 B 115ms
115ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=lGr3ciYmC7&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery11240142392920609403_1616166493163&_=1616166493166

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b487e4c9ec07e8c9f1f8143bd57f4662a88f0e77ab3864fd868881e2d7730539

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 63279d80fd9f4dd6-FRA
date: Fri, 19 Mar 2021 15:08:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-84-86
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 08eca0c49800004dd663001000000001
x-request-id: Ct128qqKas8

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 99B6 87 KB
20 KB 48ms
47ms Script
text/javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Sat, 20 Mar 2021 15:08:18 GMT

GET
H2 200 siab.js Show response
cdn.tynt.com/ Frame DCFC 15 KB
6 KB 74ms
30ms Script
application/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/siab.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932c9de614c0a182c900549863ddd8f3eb91963dc1e7e6ea4481f318da1e75ac

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 18:27:52 GMT
server: cloudflare
age: 145412
etag: W/"5f401228-3da8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 63279d82baadcc3e-ZRH
cf-request-id: 08eca0c5b50000cc3e8c3bd000000001
expires: Mon, 22 Mar 2021 15:08:17 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 782C 87 KB
20 KB 45ms
45ms Script
text/javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Sat, 20 Mar 2021 15:08:18 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3942
date: Fri, 19 Mar 2021 14:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Mar 2021 16:02:35 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
29 B 15ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1758244695&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&ul=en-us&de=UTF-8&dt=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report%20-%20The%20Local&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OF5GTA24P5VH____templateId_OTU6M3FSD4MZ____templateVariantId_OTVN7R7RXGJUZ____aid_lGr3ciYmC7&el=Show%20offer%20offerId%3AOF5GTA24P5VH%20templateId%3AOTU6M3FSD4MZ%20templateVariantId%3AOTVN7R7RXGJUZ%20aid%3AlGr3ciYmC7&_u=6GhAAEATAAAAAC~&jid=233006040&gjid=1374117246&cid=6919505.1616166493&tid=UA-15163090-1&_gid=1767640734.1616166498&_r=1&_slc=1&z=1316151854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame ADAF 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3942
date: Fri, 19 Mar 2021 14:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Mar 2021 16:02:35 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 99B6 159 B
549 B 31ms
31ms Script
application/x-javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=423415&tid=dd1479e2a2694be0bae99439ab26c2e991747c58&mode=1&dmn=www.thelocal.de
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d89f687e26c4cac7f22989f50ef18aa21d0e4612bff71b2dd70adb71cf3161

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 145

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-15163090-1&cid=6919505.1616166493&jid=233006040&gjid=1374117246&_gid=1767640734.1616166498&_u=6GhAAEASAAAAAC~&z=1277755168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Mar 2021 15:08:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cbcc0oKcar6iK9aKkv7mNO.js Show response
sc.tynt.com/script/sc/ Frame DCFC 2 KB
1 KB 30ms
27ms Script
text/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/cbcc0oKcar6iK9aKkv7mNO.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a3ce97d39d15f59d079b5a79a081e24df93d36d468e7aea35d58592f94f108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116408
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 68505472-4f49-4953-bbf7-0b248568f700
x-runtime: 0.002564
x-content-digest: 3257ca5fc4b2dc7d13538be334610b2150bf3437
last-modified: Mon, 15 Mar 2021 14:10:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-request-id: 08eca0c6510000cc3e8b9a1000000001
cf-ray: 63279d83bc1ecc3e-ZRH
x-rack-cache: fresh
expires: Tue, 16 Mar 2021 12:44:02 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
523 B 402ms
139ms Image
image/gif 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=cbcc0oKcar6iK9aKkv7mNO&lm=5&ts=1616166497852&dn=SIAB&iso=0&img=https%3A%2F%2Fwww.thelocal.de%2Fwp-content%2Fuploads%2F2018%2F07%2Fc927fa92006a23fbf3e01ed30ae03b25d1ddf22b2b0d050f124e1d2cc10c1cc1.jpg&ct=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report&r=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&t=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report%20-%20The%20Local&cu=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&ah=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F%3Famp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:06 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
etag: "4bc8846c-23"
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 782C 159 B
550 B 31ms
31ms Script
application/x-javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=423415&tid=f6e716739e99408895bd16556709ea9cd01f6f7d&mode=1&dmn=www.thelocal.de
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: eb520da67e16f28056bf669e7f82541592b1863077e4cb6666c3a00b8b151a06

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-15163090-1&cid=6919505.1616166493&jid=233006040&_u=6GhAAEASAAAAAC~&z=1208921259

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-15163090-1&cid=6919505.1616166493&jid=233006040&_u=6GhAAEASAAAAAC~&z=1208921259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ Frame DCFC 441 KB
129 KB 126ms
77ms Script
application/javascript 104.16.39.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 32a7ced3ccdc6b7327926b3cdd3b989e1c6faa327b2c2e850043d52945062d57

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 21:31:47 GMT
server: cloudflare
age: 78482
x-powered-by: Love
etag: W/"605123c3-6e581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 63279d844c1a2355-ZRH
cf-request-id: 08eca0c6ac000023559e88a000000001
expires: Fri, 19 Mar 2021 16:08:18 GMT

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ Frame DCFC 7 KB
2 KB 29ms
29ms Stylesheet
text/css 104.16.39.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 21:31:47 GMT
server: cloudflare
age: 78476
x-powered-by: Love
etag: W/"605123c3-1c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 63279d857f8e2355-ZRH
cf-request-id: 08eca0c76900002355b9116000000001
expires: Fri, 19 Mar 2021 16:08:18 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame F611 87 KB
31 KB 85ms
30ms Script
application/javascript 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Feb 2021 14:55:39 GMT
Server: nginx/1.13.10
ETag: "6022a26b-15c8c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 30966
Expires: Sat, 20 Mar 2021 15:08:20 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 0C1F 119 KB
31 KB 103ms
47ms Script
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:59:38 GMT
content-encoding: gzip
server: Server
age: 519
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: eJuMIzYiDZDRTn1eExhBrjmvl9ZGziOXSH4q8mX513dMn8avdwtNZg==

GET
H2 200 authorize Show response
sic.33across.com/ Frame DCFC 2 KB
1 KB 412ms
133ms Script
text/javascript 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://sic.33across.com/authorize?usPrivacy=&version=3.15.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=siab&userId=&sessionId=&publisherURL=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&referrerURL=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&publisherId=cbcc0oKcar6iK9aKkv7mNO&publisher=thelocalde300.com&displayableSizes=300x250&maxTouchPoints=0&navigatorPropsCount=56&viewportWidth=300&viewportHeight=250&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=300&pageHeight=250&_=1616166498157&callback=_tynt_jp.a9f7zbb6c

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.202.110.21 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

Software

/ Love

Resource Hash

b812025e5adcf99bc32d66e710f2e324739bb300e28bfd98ed2545ca2c068f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-powered-by: Love
etag: W/"6a9-Iz4XGJ++DBuhFK+7W1kiPPS+HOU"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With, Authorization

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
359 B 408ms
138ms Script
application/javascript 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=cbcc0oKcar6iK9aKkv7mNO&dn=SIAB&cc=1&r=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:17 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
359 B 406ms
136ms Script
application/javascript 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&id=cbcc0oKcar6iK9aKkv7mNO&dn=SIAB&cc=1&r=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:08 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0C1F 6 KB
3 KB 79ms
26ms XHR
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 76089
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Thu, 18 Mar 2021 18:00:11 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: vhjrJDnN5WlsYKp38c4iU1Hl6Y28xZMDIf1vUWMp60pgAqLksSa_bg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D71B 58 KB
20 KB 39ms
38ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 65 of 1000 / last-modified: 1616152376"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19833
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:18 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D71B 285 KB
100 KB 33ms
32ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:18 GMT

GET
H2

200

acj Show response
carambola-d.openx.net/w/1.0/ Frame 2113
Redirect Chain

https://carambola-d.openx.net/w/1.0/acj?ai=2561260d-08c6-443c-bfd7-ee9bb320809f&o=4220878153&callback=OX_4220878153&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-informati...
https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=2561260d-08c6-443c-bfd7-ee9bb320809f&o=4220878153&callback=OX_4220878153&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-info...

2 KB
1 KB

118ms
118ms

Script
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=2561260d-08c6-443c-bfd7-ee9bb320809f&o=4220878153&callback=OX_4220878153&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747247&dims=1600x1200&adxy=275%2C6453&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 5ecfa4b5eac46050bc62b2995a7bad808809b1fb8a573b457aa9a73c141f369c

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 884
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=2561260d-08c6-443c-bfd7-ee9bb320809f&o=4220878153&callback=OX_4220878153&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747247&dims=1600x1200&adxy=275%2C6453&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame B5B6
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb

668 B
749 B

35ms
35ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 23bb37f31ed5b1815d396e56b01adfc40eb0d6fd45c3993b5566d15efeb21579

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=5fc2ba89-3f41-096e-25e0-2d677cd84638|1616166498
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=5fc2ba89-3f41-096e-25e0-2d677cd84638|1616166498; Version=1; Expires=Sat, 19-Mar-2022 15:08:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616166498|gekin0vNiygu; Version=1; Expires=Sat, 03-Apr-2021 15:08:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 19 Mar 2021 15:08:18 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=5fc2ba89-3f41-096e-25e0-2d677cd84638|1616166498; Version=1; Expires=Sat, 19-Mar-2022 15:08:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
date: Fri, 19 Mar 2021 15:08:18 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

acj Show response
carambola-d.openx.net/w/1.0/ Frame 3492
Redirect Chain

https://carambola-d.openx.net/w/1.0/acj?ai=4cf99859-8ca6-426c-bf62-9d7da01aae0c&o=4549886111&callback=OX_4549886111&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-informati...
https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=4cf99859-8ca6-426c-bf62-9d7da01aae0c&o=4549886111&callback=OX_4549886111&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-info...

1 KB
843 B

226ms
226ms

Script
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=4cf99859-8ca6-426c-bf62-9d7da01aae0c&o=4549886111&callback=OX_4549886111&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747245&dims=1600x1200&adxy=1070%2C1874&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200&mt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 286cbc7f1968f511ccd18b5a30f75886a54afac1591e486201a763c0fe5fbd7b

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 649
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://carambola-d.openx.net/w/1.0/acj?cc=1&ai=4cf99859-8ca6-426c-bf62-9d7da01aae0c&o=4549886111&callback=OX_4549886111&ju=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/&jr=https%3A//www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies&auid=540747245&dims=1600x1200&adxy=1070%2C1874&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200&mt=1
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame CF66
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb

498 B
629 B

37ms
37ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 53420dbc89bfc8cd31183ea4eea7ef9e3c8ff347997ffae852fc93f0cf98a014

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=5fc2ba89-3f41-096e-25e0-2d677cd84638|1616166498; pd=v2|1616166498|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=5fc2ba89-3f41-096e-25e0-2d677cd84638|1616166498; Version=1; Expires=Sat, 19-Mar-2022 15:08:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616166498|mWkigqiysLommOgevNgunsn0; Version=1; Expires=Sat, 03-Apr-2021 15:08:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 19 Mar 2021 15:08:18 GMT
content-type: text/html
content-length: 316
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=bd24f4bb-d12e-09d5-1022-f64c8fd38120|1616166498; Version=1; Expires=Sat, 19-Mar-2022 15:08:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
date: Fri, 19 Mar 2021 15:08:18 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B5B6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ca86054-be62-4200-bf7e-53fb96aada9a

43 B
106 B

34ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ca86054-be62-4200-bf7e-53fb96aada9a
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 19 Mar 2021 15:08:18 GMT
Server: MT3 3611 f10363c master zrh-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=4ca86054-be62-4200-bf7e-53fb96aada9a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 19 Mar 2021 15:08:17 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B5B6
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1mewAoIyswTNNLAD0jaoD9Iy5wfNYrAOgWIlGVb9

43 B
180 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1mewAoIyswTNNLAD0jaoD9Iy5wfNYrAOgWIlGVb9
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=1mewAoIyswTNNLAD0jaoD9Iy5wfNYrAOgWIlGVb9
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B5B6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8227325059438948332

43 B
106 B

35ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8227325059438948332
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8227325059438948332
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B5B6 70 B
265 B 270ms
174ms Image
image/gif 99.80.71.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=8c6e85d0-96c6-3699-7f36-e58f18ff75c5&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.71.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B5B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAwMTU2MWEtNWZiMS02ODNkLTZhZDYtYmYzNmQyMWRiYmE1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAwMTU2MWEtNWZiMS02ODNkLTZhZDYtYmYzNmQyMWRiYmE1&google_tc=

170 B
484 B

81ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAwMTU2MWEtNWZiMS02ODNkLTZhZDYtYmYzNmQyMWRiYmE1&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTAwMTU2MWEtNWZiMS02ODNkLTZhZDYtYmYzNmQyMWRiYmE1&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B5B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUfzYFaZkb7630RRNIA3mQ&google_cver=1

43 B
106 B

33ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUfzYFaZkb7630RRNIA3mQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUfzYFaZkb7630RRNIA3mQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF66
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2801290956954932617&gdpr=0&gdpr_consent=&us_privacy=

43 B
106 B

34ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2801290956954932617&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2801290956954932617&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame CF66
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=UzgP7D9Aj7eZQqk4y-ZPfw==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
145 B

32ms
32ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: h2ptp3l44ei2mcopv7nglnojreuta09l

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 18a9e394-066a-a4d0-4ee1-f37ae7a8b88c
pr-bh.ybp.yahoo.com/sync/openx/ Frame CF66 43 B
840 B 102ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/18a9e394-066a-a4d0-4ee1-f37ae7a8b88c?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame CF66
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CB6STQQG1LngJA5

43 B
106 B

36ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CB6STQQG1LngJA5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:18 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:18 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0bdbeb4516d61c7d8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=CB6STQQG1LngJA5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF66
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://x.bidswitch.net/sync?dsp_id=59&user_id=355bdb0f-82b0-4192-a631-e1771acb9723&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=635df4fc-921a-4ad7-b2db-e115c09fb7f0

43 B
106 B

34ms
34ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=635df4fc-921a-4ad7-b2db-e115c09fb7f0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=635df4fc-921a-4ad7-b2db-e115c09fb7f0
date: Fri, 19 Mar 2021 15:08:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame CF66
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRHRVN0FxWDBBQUJBNmJYaXNtdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEDtU7AqX0AABA6bXismw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2&_bee_ppp=1
https://rtb-csync.smartadserver.com/redir

43 B
181 B

104ms
36ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
x-smrt-reason: 5
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir
Date: Fri, 19 Mar 2021 15:08:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 siab.js Show response
cdn.tynt.com/ Frame 0B61 15 KB
6 KB 31ms
31ms Script
application/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/siab.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932c9de614c0a182c900549863ddd8f3eb91963dc1e7e6ea4481f318da1e75ac

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 18:27:52 GMT
server: cloudflare
age: 145413
etag: W/"5f401228-3da8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 63279d8a3ff9cc3e-ZRH
cf-request-id: 08eca0ca6d0000cc3ef43be000000001
expires: Mon, 22 Mar 2021 15:08:18 GMT

GET
H2 200 c__u64Kcar6ikLaKkGJozW.js Show response
sc.tynt.com/script/sc/ Frame 0B61 2 KB
1 KB 28ms
28ms Script
text/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/c__u64Kcar6ikLaKkGJozW.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbfbbebfc4915aeabba6cdd86a22e1c214f3184fd6c0149ef18f99c319a1e1a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 328102
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: bb6982c5-d9d2-4c65-b8ee-6b9716860663
x-runtime: 0.002221
x-content-digest: eb73a028ad242a49a527277bc22e89bc1e7f3f7b
last-modified: Sat, 13 Mar 2021 15:10:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-request-id: 08eca0ca8c0000cc3ee7bab000000001
cf-ray: 63279d8a7875cc3e-ZRH
x-rack-cache: fresh
expires: Sun, 14 Mar 2021 03:36:24 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
359 B 135ms
133ms Script
application/javascript 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&id=c__u64Kcar6ikLaKkGJozW&dn=SIAB&cc=2&r=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:06 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ Frame 0B61 441 KB
129 KB 30ms
29ms Script
application/javascript 104.16.39.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 32a7ced3ccdc6b7327926b3cdd3b989e1c6faa327b2c2e850043d52945062d57

Request headers

Referer: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 21:31:47 GMT
server: cloudflare
age: 78482
x-powered-by: Love
etag: W/"605123c3-6e581"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 63279d8aae822355-ZRH
cf-request-id: 08eca0caac00002355ddbbb000000001
expires: Fri, 19 Mar 2021 16:08:18 GMT

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame 6233 5 KB
3 KB 31ms
31ms Script
text/javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?5GRBWCodaF&_ADTIME_&z=423415&width=300&height=250
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:19 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"60468d89-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ Frame 0B61 7 KB
2 KB 26ms
26ms Stylesheet
text/css 104.16.39.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 21:31:47 GMT
server: cloudflare
age: 78477
x-powered-by: Love
etag: W/"605123c3-1c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 63279d8b2fea2355-ZRH
cf-request-id: 08eca0cafc00002355f8082000000001
expires: Fri, 19 Mar 2021 16:08:19 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame E2B4 87 KB
31 KB 38ms
38ms Script
application/javascript 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-185.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Feb 2021 14:55:39 GMT
Server: nginx/1.13.10
ETag: "6022a26b-15c8c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 30966
Expires: Sat, 20 Mar 2021 15:08:21 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame A0AC 119 KB
31 KB 45ms
45ms Script
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:59:38 GMT
content-encoding: gzip
server: Server
age: 520
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: Q7PrqytOqISbmh-JEpCUaWC6sx2diFF3riYeDpNj7py1zLMji1ZcYQ==

GET
H2 200 authorize Show response
sic.33across.com/ Frame 0B61 2 KB
1 KB 133ms
133ms Script
text/javascript 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://sic.33across.com/authorize?usPrivacy=&version=3.15.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=siab&userId=&sessionId=&publisherURL=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&referrerURL=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&publisherId=c__u64Kcar6ikLaKkGJozW&publisher=thelocal.de728.com&displayableSizes=728x90&maxTouchPoints=0&navigatorPropsCount=56&viewportWidth=728&viewportHeight=90&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=728&pageHeight=90&_=1616166499070&callback=_tynt_jp.a7io6ak17

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.202.110.21 , United States, ASN32748 (STEADFAST, US),

Reverse DNS

Software

/ Love

Resource Hash

b065c9e7f6a38267488d59b3ccd79d4d2206376be52049fd3943c74ea6014dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-powered-by: Love
etag: W/"68c-AY92UIHcD8SJeVEywpCsw+SK89g"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With, Authorization

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 6233 87 KB
20 KB 51ms
51ms Script
text/javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Mar 2021 20:48:41 GMT
Server: nginx
ETag: W/"60468da9-15bdc"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap5ams1
Expires: Sat, 20 Mar 2021 15:08:19 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A0AC 6 KB
3 KB 35ms
35ms XHR
application/javascript 13.226.158.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 76090
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
date: Thu, 18 Mar 2021 18:00:11 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: PFhk724QXwyOR3n_P2FzUqMpRkGVpkmh5NuXYxKlJwKEBt7Rj0qXmw==

GET
H2 200 json Show response
trc.taboola.com/thelocal-de/trc/3/ 16 KB
6 KB 245ms
243ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thelocal-de/trc/3/json?tim=16%3A08%3A19.163&lti=deflated&data=%7B%22id%22%3A207%2C%22ii%22%3A%22%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1616066135315%2C%22vi%22%3A1616166499141%2C%22cv%22%3A%2220210315-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8339%2C%22nsid%22%3A%22thelocal-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a-new%3Apub%3Dthelocal-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A8179.25%2C%22mw%22%3A849.59375%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210315-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f091613c58a459ea16e6a124259939924f03c4b13b2a77f0becc58e99fc39d7

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 213
date: Fri, 19 Mar 2021 15:08:19 GMT
content-encoding: gzip
server: nginx
x-timer: S1616166499.185889,VS0,VE213
x-served-by: cache-hhn11532-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.thelocal.de
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 6233 159 B
550 B 34ms
34ms Script
application/x-javascript 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=423415&tid=700d5d7484224e64a3a6e58e41c7b5f6345bd926&mode=1&dmn=www.thelocal.de
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: f13eec16f8d8b93c2f746b89c77d9fb62a9e5628e20d9284df831ad1633df593

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 38D1 58 KB
20 KB 33ms
33ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "816 / 894 of 1000 / last-modified: 1616152376"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19833
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:19 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 136ms
136ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 204
No Content a
ingestion.contentinsights.com/ 0
88 B 45ms
45ms Image
text/plain 18.200.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/a?d=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&f=2145&pid=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&b=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&u=1616166493746.76718001.46314812&ul=1616166493747.945224829.1282169&at=5&ar=5&sp=11&ts=1616166499&seq=1&x=0.8929154904615633&err=&ver=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-192-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 19 Mar 2021 15:08:19 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 38D1 285 KB
100 KB 32ms
32ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/carambola/blocking_script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:08:19 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 13 KB
5 KB 24ms
23ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210315-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3847b34f48dbd5b8bdd88297961a5ea449f385f8200491b7b9eb19179e5c9aad

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GTEQjQBNpBY881lThn1bHeQ70sxuI36_
content-encoding: gzip
etag: "38e8b44d38cf84eb666bcec04c8347b9"
age: 6771
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4357
x-amz-id-2: k4M+zGoffB0zX0JweXpmq9ArAqGIXwm1mSV+7cx5RR6pIE2IiekG4y4k6e/ONB2iJMq9jjI9AO4=
x-served-by: cache-hhn11532-HHN
last-modified: Wed, 17 Mar 2021 13:13:47 GMT
server: AmazonS3
x-timer: S1616166499.448749,VS0,VE0
date: Fri, 19 Mar 2021 15:08:19 GMT
vary: Accept-Encoding
x-amz-request-id: BTWDG7JSQK34JFE9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 45
x-cache-hits: 74684

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
990 B 24ms
24ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210315-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FyU75WazRsiEew8mV1P.ejYIF3IEfCEj
content-encoding: gzip
etag: "fa3c5d1be5ff23d2bbc39878e37cc0ec"
age: 6767
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 749
x-amz-id-2: LVE8qTvwfCxeC3NEx0CNSwsj4LRwavLtjH5yjqrCvt1Jm57Ii3MttY9SLn6IyEMjYbdDAmuLaUU=
x-served-by: cache-hhn11532-HHN
last-modified: Wed, 17 Mar 2021 13:13:46 GMT
server: AmazonS3
x-timer: S1616166499.449223,VS0,VE0
date: Fri, 19 Mar 2021 15:08:19 GMT
vary: Accept-Encoding
x-amz-request-id: S946DT5J2F1RHZRP
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 45
x-cache-hits: 74422

GET
H2 200 tfa-eid.20210315-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 27ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210315-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thelocal-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e799ee7232b6a8224c552e6ca7a4c4b176a9843a333da9e10197e2c2da57037

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DsKZyoCuIQsIKrYypJ_NrYdDyJn6pWyS
content-encoding: gzip
etag: "6f76cebaa4594a1f02b4d066db60c2d2"
age: 41
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4856
x-amz-id-2: z+AFCn5g/lz+SNoeQO3jO4Hbc6pV7ihUtdT0lAsHfUTz0SOy3LeX5DoFhjB52MhGp8beECL3pzY=
x-served-by: cache-hhn11532-HHN
last-modified: Thu, 18 Mar 2021 11:12:16 GMT
server: AmazonS3
x-timer: S1616166499.454166,VS0,VE0
date: Fri, 19 Mar 2021 15:08:19 GMT
vary: Accept-Encoding
x-amz-request-id: MWFT0GJCJR18XXX1
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 45
x-cache-hits: 361

GET
H2 200 sha256.20210315-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 26ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210315-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thelocal-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e404a37a2dd0c6af68d3d4619b4f8078a5c4b0f49ba628277db4025c9c94bdba

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EwZ9OmT9TXjPHRNiLPb3RZIAc0Ky2ZEj
content-encoding: gzip
etag: "9b8f271b21b98d33a6bd3fdc2cbce64b"
age: 24
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2596
x-amz-id-2: P+0rJBzwuCIuvuMWTGKM1Ad5oQcBMZLEG+nCvdqx2Q/wvjyxk+ScEgBAYXQqSiyAsqL8/j/dRdU=
x-served-by: cache-hhn11532-HHN
last-modified: Thu, 18 Mar 2021 11:12:25 GMT
server: AmazonS3
x-timer: S1616166499.454188,VS0,VE0
date: Fri, 19 Mar 2021 15:08:19 GMT
vary: Accept-Encoding
x-amz-request-id: H9V3ZRF0AXVSRMXV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 45
x-cache-hits: 201

GET
H2 200 userx.20210315-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 28ms
27ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210315-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thelocal-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5691018f4a6b7ae3ecabd782c5877a4bb20bc4c9a3f1bacab95859e398594544

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: IUcMc.IxwULtplK1R.YUpALXkYOjkN9F
content-encoding: gzip
etag: "a1bd4fe3c8b5e52ba04a18c26ed4a0e9"
age: 10
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7810
x-amz-id-2: fuESG0dPyJgYlmHCV970/vSiCLuxCiG5m7/EczITWXINtk7v/KcCn58fHFDpDIB7AqQ8QRKjVbM=
x-served-by: cache-hhn11532-HHN
last-modified: Thu, 18 Mar 2021 11:12:11 GMT
server: AmazonS3
x-timer: S1616166499.470708,VS0,VE0
date: Fri, 19 Mar 2021 15:08:19 GMT
vary: Accept-Encoding
x-amz-request-id: PDDFR1427VA7HH94
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 45
x-cache-hits: 11

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame ADD0
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483&tbid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&query=taboola_hm%3Dc661adab-15b4-...

0
53 B

36ms
34ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483&tbid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&query=taboola_hm%3Dc661adab-15b4-447d-ad39-fb727d3d0483&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616166500.646075,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11532-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=c661adab-15b4-447d-ad39-fb727d3d0483&tbid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&query=taboola_hm%3Dc661adab-15b4-447d-ad39-fb727d3d0483&isDirect=0
tbl-x-upstream: 10.41.34.64:10213
date: Fri, 19 Mar 2021 15:08:19 GMT
server: nginx
x-fastly-to-nlb-rtt: 12723

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame ADD0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KMGFT04M-L-M4CY

0
56 B

84ms
84ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KMGFT04M-L-M4CY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 60
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616166500.587911,VS0,VE60
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn11532-HHN

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KMGFT04M-L-M4CY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame ADD0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=wqtF8oaiSI4a&ev=1&orig=trc&pid=562107

0
218 B

32ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=wqtF8oaiSI4a&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 19 Mar 2021 15:08:19 GMT
server: nginx
x-fastly-to-nlb-rtt: 12738

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=wqtF8oaiSI4a&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-2p95b
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame ADD0 43 B
695 B 105ms
48ms Image
image/gif 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.254:80
AN-X-Request-Uuid: 01b8e2d5-9c3a-41f7-98e8-d968492c4492
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame ADD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDgj4a8mb_UUjn2NpOgW-Rs&google_cver=1

0
229 B

81ms
81ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDgj4a8mb_UUjn2NpOgW-Rs&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 56
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616166500.546544,VS0,VE56
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11532-HHN

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDgj4a8mb_UUjn2NpOgW-Rs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame ADD0 42 B
805 B 155ms
38ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 19 Mar 2021 15:08:19 GMT
X-lat: lhrpug015:0:622
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame ADD0
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3

170 B
190 B

35ms
34ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3
tbl-x-upstream: 10.41.34.222:10213
date: Fri, 19 Mar 2021 15:08:19 GMT
server: nginx
x-fastly-to-nlb-rtt: 12725

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame ADD0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6783188d-fbdc-46bd-ba69-157e3d3d6811

0
60 B

76ms
76ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6783188d-fbdc-46bd-ba69-157e3d3d6811
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 53
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616166500.575000,VS0,VE53
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11532-HHN

Redirect headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6783188d-fbdc-46bd-ba69-157e3d3d6811
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame ADD0
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&us_privacy=&gdpr=1&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&us_privacy=&gdpr=1&gdpr_consent=&dnr=1

0
433 B

40ms
40ms

Image
text/plain

216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:19 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:20 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame ADD0 49 B
728 B 307ms
112ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-568ff9c7d-tk9cb
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame ADD0 43 B
715 B 102ms
33ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
cache-control: no-cache,no-store
x-smrt-reason: 5
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame ADD0 42 B
233 B 329ms
109ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:19 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 put
e1.emxdgt.com/ Frame ADD0 0
59 B 222ms
32ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame ADD0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=bef8f873-75f4-4ee3-8033-1501df0fe8eb

0
226 B

35ms
33ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=bef8f873-75f4-4ee3-8033-1501df0fe8eb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 19 Mar 2021 15:08:19 GMT
server: nginx
x-fastly-to-nlb-rtt: 16951

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=bef8f873-75f4-4ee3-8033-1501df0fe8eb
cache-control: no-cache
date: Fri, 19 Mar 2021 15:08:19 GMT
server-processing-duration-in-ticks: 2667
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 19 Mar 2021 00:00:00 GMT

GET
H/1.1

400
Request failed due to privacy signals

getuid
ib.adnxs.com/ Frame ADD0
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&gdpr=1&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=1&gdpr_consent=

0
0

26ms
26ms

Image
text/html

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location: https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=1&gdpr_consent=
Date: Fri, 19 Mar 2021 15:08:19 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame ADD0
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cNZ7jTeVD0qfluHaZL5UYA

0
217 B

30ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cNZ7jTeVD0qfluHaZL5UYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Fri, 19 Mar 2021 15:08:20 GMT
server: nginx
x-fastly-to-nlb-rtt: 21907

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=cNZ7jTeVD0qfluHaZL5UYA
date: Fri, 19 Mar 2021 15:08:20 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame ADD0 35 B
380 B 481ms
121ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Fri, 19 Mar 2021 15:08:07 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame ADD0 0
155 B 321ms
106ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=181bdef1-7e9c-4c15-b1dd-c103c55a2c2f-tuct74e43e3&_r=7142402
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Mar 2021 15:08:19 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 sync
x.bidswitch.net/ Frame ADD0 43 B
145 B 24ms
23ms Image
image/gif 52.57.230.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=taboola&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.230.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-230-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 8fa17eae-65d2-4a2e-8c00-2f3c96343726.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ugxvd.com/content/ 14 KB
14 KB 133ms
24ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ugxvd.com/content/8fa17eae-65d2-4a2e-8c00-2f3c96343726.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ae9d9b4cfdd63b207c9fdeb7149581a36883a6578b9967ec8b300e67bcfe477f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 701604
edge-cache-tag: 433106608474186389862744353450578173001,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Tue, 16 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ugxvd.com/content/8fa17eae-65d2-4a2e-8c00-2f3c96343726.jpg
content-length: 13990
x-served-by: cache-dca17759-DCA, cache-dca17723-DCA, cache-fra19135-FRA
last-modified: Sat, 13 Feb 2021 07:53:29 GMT
server: cloudinary
x-timer: S1616166500.812417,VS0,VE1
etag: "6892c77897f89a39949903cd930dbe9f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1922f0dc8699bf8edcf7c727cbc43d75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
28 KB 59ms
43ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7ec6e9f8c167ce3d26718492862758f62915298a5ca29e728c2671ba8061fb9f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1990920
edge-cache-tag: 501991697550487891663960137911228562269,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
content-length: 28694
x-served-by: cache-dca17777-DCA, cache-dca17770-DCA, cache-fra19135-FRA
last-modified: Wed, 10 Feb 2021 09:24:55 GMT
server: cloudinary
x-timer: S1616166500.812811,VS0,VE1
etag: "73b827fcc50e32948596d6c1b4145eac"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 bd53bebd59eddb6c512e006d9375eb9a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 38ms
28ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd53bebd59eddb6c512e006d9375eb9a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 342ce04b850051c9216fa4343680112916be0902d4759243b66c87e3033ae889

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 282237
edge-cache-tag: 498580164785168105661360453885274781966,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd53bebd59eddb6c512e006d9375eb9a.jpg
content-length: 10919
x-request-id: 3a5da02645c253de85bda0a011cf2362
x-served-by: cache-dca17721-DCA, cache-dca17746-DCA, cache-fra19135-FRA
last-modified: Thu, 11 Mar 2021 09:06:49 GMT
server: cloudinary
x-timer: S1616166500.812719,VS0,VE1
etag: "9bbcb04480e01d75627492d671d11162"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 c9ce6dabb8a2a675da041103c6d0a937.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 28ms
27ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9ce6dabb8a2a675da041103c6d0a937.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d9ad4b68f410451a407ea6653433470432ca0fc724f4f88c285955fda5bc5747

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 940344
edge-cache-tag: 321695163510162725474367161169682697153,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9ce6dabb8a2a675da041103c6d0a937.png
content-length: 17675
x-request-id: d2da57460fb53d0eec0ae5a1649fb12d
x-served-by: cache-dca17722-DCA, cache-dca12925-DCA, cache-fra19135-FRA
last-modified: Tue, 02 Mar 2021 16:01:34 GMT
server: cloudinary
x-timer: S1616166500.841596,VS0,VE0
etag: "80e6a54d178a79b7810398031ba23a93"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 d19d043390a436aa1ee95ee7f19fa113.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 34ms
32ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d19d043390a436aa1ee95ee7f19fa113.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2ade3df123ae2329f36f0ef0edcc2a49ad41263fdd7ccd8ee273ec8395d46171

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1912099
edge-cache-tag: 510443706028666341693402418536857129849,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d19d043390a436aa1ee95ee7f19fa113.jpg
content-length: 12115
x-request-id: 7424b50c9a753708d8e38194bf5cc8ad
x-served-by: cache-dca17730-DCA, cache-dca17742-DCA, cache-fra19135-FRA
last-modified: Thu, 11 Feb 2021 09:36:17 GMT
server: cloudinary
x-timer: S1616166500.842076,VS0,VE0
etag: "6c9d8ec1cac890bb196ca2fbc5369358"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4870

GET
H2 200 492fe1c3be232ef811ac2ddbe676c30b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 44ms
43ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/492fe1c3be232ef811ac2ddbe676c30b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 46807b315e6e42555155a869a464bb19043d66d69f7c01d6f57ca0e11e5035aa

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 777883
edge-cache-tag: 622378390412425794420935175213523019148,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 01 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/492fe1c3be232ef811ac2ddbe676c30b.jpg
content-length: 7692
x-served-by: cache-dca17778-DCA, cache-dca17767-DCA, cache-fra19135-FRA
last-modified: Mon, 01 Mar 2021 20:58:32 GMT
server: cloudinary
x-timer: S1616166500.842068,VS0,VE1
etag: "86062a4d827c3df66550310ac58cff5f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1d2b347f362cd4afc53c183012bf2ad3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 37ms
35ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2b347f362cd4afc53c183012bf2ad3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6319369e93ca201bf146fa7153b67b45365329876877ec3efa6a6b4ac8047cff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2843930
edge-cache-tag: 527484469247298166899581780283282135130,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2b347f362cd4afc53c183012bf2ad3.jpg
content-length: 14718
x-served-by: cache-dca17772-DCA, cache-dca17776-DCA, cache-fra19135-FRA
last-modified: Wed, 10 Feb 2021 15:15:37 GMT
server: cloudinary
x-timer: S1616166500.841941,VS0,VE0
etag: "88225e9a64b551b14edbd0c05d0dd6d7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1231

GET
H2 200 938707d0-8210-41e3-b7dd-42a82672d526.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//odkpe.com/content/ 13 KB
14 KB 37ms
36ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//odkpe.com/content/938707d0-8210-41e3-b7dd-42a82672d526.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b4e0a8e2537196a9a4f535c37333c4550f4d2538167ac3bdecc9abd52960082f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2319005
edge-cache-tag: 608192531839994941974009696537283523377,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 19 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//odkpe.com/content/938707d0-8210-41e3-b7dd-42a82672d526.png
content-length: 13459
x-served-by: cache-wdc5564-WDC, cache-dca17737-DCA, cache-fra19135-FRA
last-modified: Tue, 16 Feb 2021 14:24:07 GMT
server: cloudinary
x-timer: S1616166500.841916,VS0,VE1
etag: "6b1d2d808cdd0f2a19ef370856750c03"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
691 B 26ms
25ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 27235
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11532-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1616166500.842554,VS0,VE0
date: Fri, 19 Mar 2021 15:08:19 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 45
x-cache-hits: 48565

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ugxvd.com/content/8fa17eae-65d2-4a2e-8c00-2f3c96343726.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ae9d9b4cfdd63b207c9fdeb7149581a36883a6578b9967ec8b300e67bcfe477f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 701604
edge-cache-tag: 433106608474186389862744353450578173001,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Tue, 16 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ugxvd.com/content/8fa17eae-65d2-4a2e-8c00-2f3c96343726.jpg
content-length: 13990
x-served-by: cache-dca17759-DCA, cache-dca17723-DCA, cache-fra19135-FRA
last-modified: Sat, 13 Feb 2021 07:53:29 GMT
server: cloudinary
x-timer: S1616166500.843469,VS0,VE0
etag: "6892c77897f89a39949903cd930dbe9f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd53bebd59eddb6c512e006d9375eb9a.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 342ce04b850051c9216fa4343680112916be0902d4759243b66c87e3033ae889

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 282237
edge-cache-tag: 498580164785168105661360453885274781966,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd53bebd59eddb6c512e006d9375eb9a.jpg
content-length: 10919
x-request-id: 3a5da02645c253de85bda0a011cf2362
x-served-by: cache-dca17721-DCA, cache-dca17746-DCA, cache-fra19135-FRA
last-modified: Thu, 11 Mar 2021 09:06:49 GMT
server: cloudinary
x-timer: S1616166500.864119,VS0,VE0
etag: "9bbcb04480e01d75627492d671d11162"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7ec6e9f8c167ce3d26718492862758f62915298a5ca29e728c2671ba8061fb9f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1990920
edge-cache-tag: 501991697550487891663960137911228562269,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1922f0dc8699bf8edcf7c727cbc43d75.jpg
content-length: 28694
x-served-by: cache-dca17777-DCA, cache-dca17770-DCA, cache-fra19135-FRA
last-modified: Wed, 10 Feb 2021 09:24:55 GMT
server: cloudinary
x-timer: S1616166500.874846,VS0,VE0
etag: "73b827fcc50e32948596d6c1b4145eac"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9ce6dabb8a2a675da041103c6d0a937.png
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d9ad4b68f410451a407ea6653433470432ca0fc724f4f88c285955fda5bc5747

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 940344
edge-cache-tag: 321695163510162725474367161169682697153,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9ce6dabb8a2a675da041103c6d0a937.png
content-length: 17675
x-request-id: d2da57460fb53d0eec0ae5a1649fb12d
x-served-by: cache-dca17722-DCA, cache-dca12925-DCA, cache-fra19135-FRA
last-modified: Tue, 02 Mar 2021 16:01:34 GMT
server: cloudinary
x-timer: S1616166500.896487,VS0,VE0
etag: "80e6a54d178a79b7810398031ba23a93"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d19d043390a436aa1ee95ee7f19fa113.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2ade3df123ae2329f36f0ef0edcc2a49ad41263fdd7ccd8ee273ec8395d46171

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1912099
edge-cache-tag: 510443706028666341693402418536857129849,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d19d043390a436aa1ee95ee7f19fa113.jpg
content-length: 12115
x-request-id: 7424b50c9a753708d8e38194bf5cc8ad
x-served-by: cache-dca17730-DCA, cache-dca17742-DCA, cache-fra19135-FRA
last-modified: Thu, 11 Feb 2021 09:36:17 GMT
server: cloudinary
x-timer: S1616166500.896456,VS0,VE0
etag: "6c9d8ec1cac890bb196ca2fbc5369358"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4871

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/492fe1c3be232ef811ac2ddbe676c30b.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 46807b315e6e42555155a869a464bb19043d66d69f7c01d6f57ca0e11e5035aa

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 777883
edge-cache-tag: 622378390412425794420935175213523019148,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 01 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/492fe1c3be232ef811ac2ddbe676c30b.jpg
content-length: 7692
x-served-by: cache-dca17778-DCA, cache-dca17767-DCA, cache-fra19135-FRA
last-modified: Mon, 01 Mar 2021 20:58:32 GMT
server: cloudinary
x-timer: S1616166500.896471,VS0,VE0
etag: "86062a4d827c3df66550310ac58cff5f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2b347f362cd4afc53c183012bf2ad3.jpg
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6319369e93ca201bf146fa7153b67b45365329876877ec3efa6a6b4ac8047cff

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2843930
edge-cache-tag: 527484469247298166899581780283282135130,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2b347f362cd4afc53c183012bf2ad3.jpg
content-length: 14718
x-served-by: cache-dca17772-DCA, cache-dca17776-DCA, cache-fra19135-FRA
last-modified: Wed, 10 Feb 2021 15:15:37 GMT
server: cloudinary
x-timer: S1616166500.896410,VS0,VE0
etag: "88225e9a64b551b14edbd0c05d0dd6d7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1232

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//odkpe.com/content/938707d0-8210-41e3-b7dd-42a82672d526.png
Requested by: Host: www.thelocal.de
URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b4e0a8e2537196a9a4f535c37333c4550f4d2538167ac3bdecc9abd52960082f

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 19 Mar 2021 15:08:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2319005
edge-cache-tag: 608192531839994941974009696537283523377,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Fri, 19 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//odkpe.com/content/938707d0-8210-41e3-b7dd-42a82672d526.png
content-length: 13459
x-served-by: cache-wdc5564-WDC, cache-dca17737-DCA, cache-fra19135-FRA
last-modified: Tue, 16 Feb 2021 14:24:07 GMT
server: cloudinary
x-timer: S1616166500.896394,VS0,VE0
etag: "6b1d2d808cdd0f2a19ef370856750c03"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

POST
H2 204 bulk Show response
trc.taboola.com/thelocal-de/log/3/ 0
395 B 85ms
85ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/thelocal-de/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210315-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 61
pragma: no-cache
date: Fri, 19 Mar 2021 15:08:20 GMT
via: 1.1 varnish
server: nginx
x-timer: S1616166501.501266,VS0,VE61
x-served-by: cache-hhn11532-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.thelocal.de
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ Frame 37E0 7 B
249 B 12ms
12ms XHR
text/xml 2a02:26f0:1700:59a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=5df8c8b028a061081675d741&AV_URL=&cb=abef03ad1616166500948&AV_WIDTH=850&AV_HEIGHT=478
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:20 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://www.thelocal.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7
expires: Fri, 19 Mar 2021 15:08:20 GMT

GET
H2 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1C2C 576 KB
188 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 14 Mar 2021 13:29:38 GMT
expires: Mon, 14 Mar 2022 13:29:38 GMT
last-modified: Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 437922
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BAFB 36 KB
12 KB 25ms
25ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2454
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:27:26 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 136ms
136ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 37E0 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 15:08:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1C2C 156 B
185 B 191ms
190ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1774138%2Fse_highlights_midroll&description_url=http%3A%2F%2Fthelocal.de&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2867346037236068&sdkv=h.3.447.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1517408555&sdk_apis=2%2C8&sid=EF223DCA-499C-4A92-B425-68644FB7F2E3&eid=44733378&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&dlt=1616166492889&idt=8127&dt=1616166501479&cookie_enabled=1&scor=594896011566356&ged=ve4_td8_tt6_pd8_la8000_er4176.200.4329.500_vi0.0.1200.1600_vp0_ts5_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content p
ingestion.contentinsights.com/ 0
88 B 46ms
45ms Image
text/plain 18.200.192.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/p?a=The%20Local&b=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies&c=Chinese%20spy%20on%20Bundestag%20through%20social%20media%20info%20purchased%20from%20German%20politicians%3A%20report&d=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&e=News&f=2145&g=2018-07-06T12%3A18%3A24%2B02%3A00&h=espionage&i=&j=&k=&l=&m=&pid=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&u=1616166493746.76718001.46314812&ul=1616166493747.945224829.1282169&x=0.8929154904615633&pn_count=0&wc=791&t=1&err=&ver=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-192-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 19 Mar 2021 15:08:23 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 136ms
136ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 37E0 309 B
497 B 163ms
163ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: bf14d46643ee83805f158f70e9034566b5f76adfbc5c901172c0e4cfce464673

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 / Show response
vast.aniview.com/api/adserver61/vast/ Frame 37E0 7 B
249 B 10ms
9ms XHR
text/xml 2a02:26f0:1700:59a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=5df8c8b028a061081675d741&AV_URL=&cb=042d11821616166506948&AV_WIDTH=850&AV_HEIGHT=478
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 15:08:26 GMT
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/xml
access-control-allow-origin: https://www.thelocal.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7
expires: Fri, 19 Mar 2021 15:08:26 GMT

GET
H2 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0B28 576 KB
188 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thelocal.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.thelocal.de/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 14 Mar 2021 13:29:38 GMT
expires: Mon, 14 Mar 2022 13:29:38 GMT
last-modified: Sun, 14 Mar 2021 13:23:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 437929
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EDE0 36 KB
12 KB 26ms
26ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelocal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2461
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:27:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 37E0 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 15:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0B28 156 B
287 B 151ms
151ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F1774138%2Fse_highlights_midroll&description_url=http%3A%2F%2Fthelocal.de&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4373786034193446&sdkv=h.3.447.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1517408555&sdk_apis=2%2C8&sid=EF223DCA-499C-4A92-B425-68644FB7F2E3&eid=44733378&url=https%3A%2F%2Fwww.thelocal.de%2F20180706%2Fseveral-german-mps-sold-sensitive-information-to-chinese-spies%2F&dlt=1616166492889&idt=14607&dt=1616166507965&cookie_enabled=1&scor=965961010073876&ged=ve4_td15_tt13_pd15_la15000_er4176.200.4329.500_vi0.0.1200.1600_vp0_ts7_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 137ms
137ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 37E0 0
296 B 137ms
137ms XHR
multipart/form-data 3.130.124.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=108993
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.124.204 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-124-204.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 19 Mar 2021 15:08:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.thelocal.de
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinypass.com/	1970-01-21 04:56:06	Name: LANG Value: en_US
www.thelocal.de/	1970-01-19 16:56:08	Name: _ain_cid Value: 1616166493746.76718001.46314812
.thelocal.de/	1970-01-19 17:39:14	Name: __pat Value: 3600000
.thelocal.de/	1970-01-20 01:41:42	Name: xbc Value: %7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9
.thelocal.de/	1970-01-20 01:41:42	Name: __tbc Value: %7Bjbd%7DeyJwayI6IkFEd1hGSDFwUkl1bnZyWjQyUm00QXdramVGSDMzdGFjQ2xKWFhuZUJSYTI0cTlVS1E3VlZ6OGhpSkxvbSIsInNrIjoibEdyM2NpWW1DNyIsInYiOjN9
.google.com/	1970-01-19 21:19:37	Name: NID Value: 211=D6z0IxUri2qpDHOhAV-NK3om8K2itEJGrcZz53EKOQWVbLyknbSrtHooFtWktFjfxLdoLgXyF6QIm3jJ6C0-bWKwJEF0UamfIJbXPrDqUdyE_jPz4V4wNsLg3GOah_XhHcfnI8sI7o5UyQm6CnEiInBwbWD4RoZHccXAr50BLnE
www.thelocal.de/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1616166493705%2C%22visitNumber%22%3A1%7D
www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies	1970-01-23 08:32:06	Name: ls___tp-exrs Value: null
www.thelocal.de/	1970-01-19 19:05:38	Name: __pnahc Value: 0
.tinypass.com/	1970-01-19 16:56:10	Name: ch_sid Value: 96fq4qnSw9EO3rX
www.thelocal.de/	1970-01-20 01:41:42	Name: pnespsdk_visitor Value: vlfdyrni4annguu4
.thelocal.de/	1970-01-25 20:05:16	Name: STC Value: 8e6fc3c13b4d4ce9da2b595fffd87299
www.thelocal.de/	1970-01-19 16:56:06	Name: __adblocker Value: false
.thelocal.de/	1970-01-19 16:57:32	Name: __pvi Value: %7B%22id%22%3A%22v-2021-03-19-16-08-13-233-ic9Eec7FTLQltAZW-ea5022ebe555fcc98dd7269f9305916b%22%2C%22domain%22%3A%22.thelocal.de%22%2C%22time%22%3A1616166493735%7D
.thelocal.de/	1970-01-20 10:27:18	Name: _ga_XFSR2700S9 Value: GS1.1.1616166493.1.0.1616166493.0
.thelocal.de/	1970-01-20 10:27:18	Name: _ga Value: GA1.1.6919505.1616166493
.thelocal.de/	1970-01-19 19:05:42	Name: _fbp Value: fb.1.1616166493369.1032061824
.tinypass.com/	1970-01-19 16:57:32	Name: LANG_CHANGED Value: en_US
.thelocal.de/	1970-01-20 10:27:18	Name: _ga_4QDBGH7879 Value: GS1.1.1616166493.1.0.1616166493.0
.thelocal.de/	1970-01-19 16:57:32	Name: _gid Value: GA1.2.1152248113.1616166493
.thelocal.de/	1970-01-19 17:39:14	Name: __pil Value: en_US
www.thelocal.de/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check
www.thelocal.de/	1970-01-20 10:27:18	Name: _ain_uid Value: 1616166493747.945224829.1282169
.thelocal.de/	1970-01-20 10:27:18	Name: _ga_68EFP8XFKZ Value: GS1.1.1616166493.1.0.1616166493.0
www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies	1970-01-23 08:32:06	Name: ls___tp-exrs-expiration Value: 1616173693

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.thelocal.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.thelocal.de/20180706/several-german-mps-sold-sensitive-information-to-chinese-spies/(Line 373) Message: Private browsing is OFF
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.thelocal.de(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1765939700386961.
console-api	log	URL: https://cdn.tinypass.com/api/tinypass.min.js(Line 1) Message: TP: Invalid containerSelector
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: Subscriptions Runtime: 0.1.22.152
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.122.1(Line 1) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.122.1(Line 1) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.36.0
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.36.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.turn.com
ads.avct.cloud
adservice.google.com
analytics.carambo.la
analytics.twitter.com
ap.lijit.com
api-esp.piano.io
api-v3.tinypass.com
api.fouanalytics.com
api.tinypass.com
apiwp.thelocal.com
bh.contextweb.com
bttrack.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
carambola-d.openx.net
cd.connatix.com
cdata.carambo.la
cdn-sic.33across.com
cdn.adpushup.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.tinypass.com
cdn.tynt.com
cdnjs.cloudflare.com
cds.connatix.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
content.carambo.la
cx.atdmt.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
de.tynt.com
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
e3.adpushup.com
eu-u.openx.net
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ic.tynt.com
id.tinypass.com
id5-sync.com
image2.pubmatic.com
images.taboola.com
imasdk.googleapis.com
img.connatix.com
ingestion.contentinsights.com
inimage.carambo.la
itp.thelocal.com
logging.carambo.la
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
media.carambo.la
news.google.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.watch
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
px.ads.linkedin.com
quantcast.mgr.consensu.org
route.carambo.la
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.c.appier.net
s0.2mdn.net
s3.amazonaws.com
sc.tynt.com
secure.quantserve.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
sync-t1.taboola.com
sync.mathtag.com
sync.taboola.com
t.co
tagan.adlightning.com
trc.taboola.com
us-u.openx.net
vast.aniview.com
vid.connatix.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.npttech.com
www.thelocal.de
x.bidswitch.net
xtr.carambo.la
104.16.39.14
104.16.88.26
104.244.42.197
104.244.42.67
13.225.74.50
13.226.158.204
139.162.84.221
141.226.224.32
141.226.228.48
142.250.185.162
142.250.186.34
151.101.114.137
151.101.12.157
151.101.13.44
151.101.194.137
152.195.39.46
174.137.133.49
178.250.2.151
18.158.22.14
18.159.182.76
18.195.155.181
18.200.192.108
18.215.29.8
184.30.24.141
184.30.24.185
185.29.132.69
185.64.190.80
185.86.137.133
192.132.33.46
198.148.27.139
199.232.137.44
2001:678:cb4:bbbb::11
205.234.175.175
208.100.17.181
208.100.17.184
216.52.2.48
23.97.225.52
2600:9000:211e:5800:6:44e3:f8c0:93a1
2600:9000:2182:1e00:9:46dc:4700:93a1
2606:4700::6810:125e
2606:4700::6810:f015
2606:4700::6811:b7b1
2606:4700::6811:b8b1
2606:4700::6811:bab1
2606:4700::6812:bcf
2606:4700:e4::ac40:a002
2606:4700:e6::ac40:ce18
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:803::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::2010
2a00:1450:400c:c0c::9c
2a02:26f0:1700:59a::2c79
2a02:26f0:7100:191::25ea
2a03:2880:f00a:2:face:b00c:0:8c
2a03:2880:f00a:e:face:b00c:0:3
2a03:2880:f10a:83:face:b00c:0:25de
2a04:4e42:1b::621
3.10.77.94
3.130.124.204
3.226.154.220
34.120.119.48
34.98.64.218
35.186.253.211
35.244.146.207
37.157.6.253
37.252.173.27
51.75.146.200
52.216.92.29
52.3.188.134
52.57.230.211
54.194.211.3
54.204.17.60
54.228.192.197
54.81.163.28
67.202.110.21
69.173.144.138
99.80.71.186
00b093efd11f9727aa2b663b576127e84e391b0f1dcd0826036fcded4d155a42
01745476fa67ef15daf1d7cae8abfc2915ea63f772b45d62d8dbb3aad4e3283e
01fac03305746877131be8fd1f27d7e1c2ad5da9e415e880cfce44ee1952c5af
0208fb9ca0668efd9bbbd9fe13fc856bb48fb6443f7175198a1c71ed4bebdf55
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
038be8f45615031614e5af0403110e7397c99c0d6306201b880dc7de734325f1
04b075859121bd8bae2825f760da6f0a2f0a5e9c7755370a55d51c961e41354c
04bce7219f39b12a9de15b40c1068ea0c83c4593bfb54bbe953e7543297fcd7d
06b5a25d7ea25ec305b9fa5019555e7347cc9c67f489dc3eb27eee438fd82a3a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07334c67828e50efb00fd71edd49df8cba4b6a1c2de1195e9207d0b329730a21
0832ecd51131cddcc03c71a347c71794e90905760edd857c558747638e9ef0fc
091945e32b213e13e70e14508982ad238767fcd1c74a92044addf5b6b2600b88
0b5e4a4db26a0835961408925c0266a4b45886455e6829d7b6395e2bbc05548f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c15b3f621616660acc329324f0ca67b65545e1979dfb17a0ce7f33f2238906b
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e799ee7232b6a8224c552e6ca7a4c4b176a9843a333da9e10197e2c2da57037
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1093076ee5ff629b879d72d5f5c274a38f888e4f21e1361ccfdb952465e7e8f0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1164ca0dbe884f218dc08a764f76beb90f2205d922691543226c2f24055c520b
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
15fb44b7806997fbad22250512810480ee919d879688e666623d3ad0f7170306
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
18fb2b2ed46d09723d073d1b34370ceadab9bc77b7275373dbeeeed2e625b0ce
191e7366d6cce973320b4d7e247e3e0bd8b1d5605b2f0d112979e315540da540
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1af05ca0ea00d14b415f5c71727fca80eae8320703bc2053814e17f9262f0683
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1ed454bf0eaa68b8e85ab477e355894d5c6352ea4c68a78402b18017fc1f832f
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6
20317eb4fd072adcb54351e26b0d530c27541c1d5c8171a7b820693db5f12358
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
218c3c13c88945e8078140180291cc77e9ce674f5547003440316ffa4c5f35c3
22098c14b82c63deed882fc09f78b8745d6d5d53a352962bd9a1767f6b5fc776
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
223aef9bae69f5857f9ee4b43056cd32febffcc2ab56cc003141a3a9d11fa753
22e30d4d10965b5bac4a0d7cd6f905b766688a87118cd3a76c3b5baa8ed317b8
2326b22459b3b11bbebcd4e6c7525de39f296d1fa750bfdf65dadca14c4cb9a9
23bb37f31ed5b1815d396e56b01adfc40eb0d6fd45c3993b5566d15efeb21579
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2448951b14fa6e553e0e6e0c95d66121c17113b6dc6218202691a058ecba5568
265ed8a897adc6424196f6761ddc750dfe729ee0efb3d8a0a7640b8d6e09e498
2707752f21948ac6df175d9271b8b7f1e981b0ccac1445b07d09d88f06b75353
286cbc7f1968f511ccd18b5a30f75886a54afac1591e486201a763c0fe5fbd7b
29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8
2ade3df123ae2329f36f0ef0edcc2a49ad41263fdd7ccd8ee273ec8395d46171
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2b6798acd048bc421a581c13627dceaee2dc59f6c219b3dd420f5b5691c71f16
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ff8f5ddba2eda0f4362b1cd55e32b5018ebe37a054105c11258e8d9763685bc
32a7ced3ccdc6b7327926b3cdd3b989e1c6faa327b2c2e850043d52945062d57
3344b9fdf206fd3f0f57e0cf12885efa76a4bbe38899900b4723d4dac0d1f876
342ce04b850051c9216fa4343680112916be0902d4759243b66c87e3033ae889
37abd326c023146c1fbee1581bf625e61d25f6002ffe1a2098bdb797c2462451
3847b34f48dbd5b8bdd88297961a5ea449f385f8200491b7b9eb19179e5c9aad
392183a83e52266ceefcd0e47b10d52581dc0cec111cbf3ed57552852b458a00
3c538dd53748eea964a55c803d7db4ebcd63ba1a82658816914d5941696f18b5
3d50ed03725bc078a4106303e73484cb85284313aa363a71db22f39f844e1687
3f88adf5feabb115fa35dd2ea8f232ec72c1e542b23d46c478e97735868d61df
436cbe4f9350ad17cca7e1fc3bd58fb8a820ed7784ddd8b27afe1b3f3b5d000a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
459cba4f908024b565fd499c3b301eb5dba0cc742ee31901817bd366e91d37a0
46807b315e6e42555155a869a464bb19043d66d69f7c01d6f57ca0e11e5035aa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48d1f942045a6ba60b6cab826fb8e0ec3dcbda8acbc17e560817ed481ed8f38a
4a610931c40cb0a68ef05aade61768eabe1bb5fce7f76fe4de45d94f8685377c
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4b2663d1b6ab47cc12dc010b0e3ae1af14a3001bcabc890404d0e66206cee6d8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf598540a493639117ab1a567971f6b68719dc22efc48c14f5a66efba3e92df
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4df73bdbef6a89c7e40c2c6f127b366b2b48acbd7fd28b66207aeda0e7950495
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed704a2787cc242f7c36e52aa6b25d1486a15e957e700e662b4c894542a5e69
4fff9adf26e9a1036f736376ac60818b70ec4ae5de414853f1a116ca6cee7a73
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50f3dd96e8784a1efd81a8c754c243aad94ae5f5473eeb48744a78cb3e0d6d40
526dbb26f408af685b791fe62b0e53d666af31d9fe84fb40c4feb2b6fffc61cb
53420dbc89bfc8cd31183ea4eea7ef9e3c8ff347997ffae852fc93f0cf98a014
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
5691018f4a6b7ae3ecabd782c5877a4bb20bc4c9a3f1bacab95859e398594544
599896f4170d7de5bbded85c96263e5b350c6069f99a66ae2d49a9d3994dc504
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d343d429fb8043b93112d5205c715baead5867fd65f7670323fb76f9ce35a15
5d85232d6d908969ab03204157266bd34c1c639c4d7497796ee840a0217d622e
5e0d7c507cf900775df1d347c362c6ab870162905b31ca3b2b4afd5f73fad98f
5e87fab4ec1fbf5ee31fbbe9c5385131e9a7c8eaafc422a6eab9898f02354e56
5e93c9b648a51416a92aa86d1a5b7d7637d91a410f402af531832cf9ec131b7f
5ecfa4b5eac46050bc62b2995a7bad808809b1fb8a573b457aa9a73c141f369c
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
6319369e93ca201bf146fa7153b67b45365329876877ec3efa6a6b4ac8047cff
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
688420b8dde92de0e3a9c4d0d634aeb05e903be0872f3911675fe5e7e5f994d7
6ab6973be39cb0972c545bb35bafd11c4d61d38bc9d5624a9f185c3a43d9f500
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d561c8aab0a24f4d9b6465ebe9ee951a741d037870db7538be4df6232a4f852
6ed33f78c07eca4846c8eebd5ce4e572858d01cbb9529a4ca988e7e4975f981d
70d067735991c685e2ff4b1002571d94671a3cc0b93a4c367a9f268c2d4a8a97
72ae348633f65e8fc8a7616aa16f61cf43ff0048d75d2c16d106ffa4f24ac976
73274a078cc01bd643e574c2bbf21e89229a01485b071ba2fd5ff4a566cdeb55
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
744ef5d57e9dec4dfeff24af9a6028cd68bf4e692f658c8f48279e472ee074b2
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75f2833f3700d77a0c92cbbb1d17302a322fefa1ca10f1f61df3f757472c03a0
77ae69cda02c889ca874d3a9247720d1c32b653d54b8c5c8fc78f8b82e81288f
782ba2dfd68a8b9c7a78fb99b352f5999d1959377f7ddf8ddcf2cb617ac0e78f
798f05d6bfa34057f8d30aa42bae10ab197cf4f23cc4cc479d3edb5571aac79c
7ec6e9f8c167ce3d26718492862758f62915298a5ca29e728c2671ba8061fb9f
7f1b6346e3493a6df4413c16a82a50bc158916c0b128caf9048744c19cc33662
82d89f687e26c4cac7f22989f50ef18aa21d0e4612bff71b2dd70adb71cf3161
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846af461e0124fe361072318117c8fd1f70925243f6d3504554b2378ace9a806
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dae9d77e2f21dbdc0f81bb38e823c39c134fe2b4e1504d6910cd580775a7e1
860da1a0889dc7f3d6b5b0238d0dc1ddbeb2b608936540d2520440881e97a6a6
8699dfed9acef7f739dc4134c11dbc949c43e3c2e34190c5182ca6a2db6fb5a9
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c
89386f0a3d9126245e5398245fccddb4c78a08e72cefd15955cd283e22d81559
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2beb7d2709cf77daee23f49115ca5b70803116873ba5f7e721583ec8da7044
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8ca29a3f2f07fc3b4526732694f324dfe9dd743e279398aed4d4c1d772a8c285
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d77969f93ff1ff6585ba5d8b48d3738565967b067beaf00a2b12f53173fcf71
8ddb34967f7c938719b833dc88baf7cd4322b6359cc899cb34ce3ec2a9213ef1
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f091613c58a459ea16e6a124259939924f03c4b13b2a77f0becc58e99fc39d7
902b7763b22837f28209dc69c32159ab669b1edb6ddf2a29e0b57ae0ee6992d0
932c9de614c0a182c900549863ddd8f3eb91963dc1e7e6ea4481f318da1e75ac
94925faf63d0b41fc71eb47ba76f98fbb14c058f817da9545050f74fb4c46596
95d5b200b8d23c371953a09f1a490d46b1a938b7991cb8ca3cd089cb8a57fa75
96533451953f613ec07f99c6b1f7a177cc32ed09ff0f2ce2ed5bc18d99a50125
996077d44196afe7261d71fbe86e9a888d988649e9cf6678b4798ebc5362f182
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d0a9f5c175745f018b0b57ff220459019364dc70f41e76d18b9aec7752b07f9
9e5e3549f0558b79505382a201015ef08217949a64193fcd87f07fe1b7992efe
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fef207c41530889038d5f65fa75cb6520a7cb7d89760b1a4ea24ce0ef5087af
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a3b59cf3c15a5896f4224c367d24e647fe14e411b8024dcc87aa37783e0cf110
a452a9cad9cb9dff8a39d2de3edcf52d6975e7cf53c491dbc35d66685eb1d285
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58121d86f32fd2d79e212852b496d1a92bbf1cea170909dd61ee62180db6fd2
a7a3ce97d39d15f59d079b5a79a081e24df93d36d468e7aea35d58592f94f108
a7bffb3b80261b00e4692dd90aa355eb1108885764feea84fbe43cae6011ae8f
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
ab88b3cf3ffa1ee64aecfc8eb25913843288e1785c2a03a2544ebc151c1972d9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae31abd20931ac70ca57381ebeed30009c8343f1fb257f0d90e64b6b137262ea
ae9d9b4cfdd63b207c9fdeb7149581a36883a6578b9967ec8b300e67bcfe477f
aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b065c9e7f6a38267488d59b3ccd79d4d2206376be52049fd3943c74ea6014dad
b06f297b6c7cf23ad1a51e2e0ae58af4dad4ef227989e366a2c06e7d6189f0aa
b24d477df88c167b18b95ea02b6c9223962e69cd767a9c19648011cc64bbe14d
b3439ba3c8b711b428c268f53d6f84c6a4d098cae1022c7cfe7be153b64a6fc0
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b3c7fe08eb53ae89c087e5cd6895c990cd60895daf2614f277ce8c0e2565b15f
b487e4c9ec07e8c9f1f8143bd57f4662a88f0e77ab3864fd868881e2d7730539
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b4e0a8e2537196a9a4f535c37333c4550f4d2538167ac3bdecc9abd52960082f
b545088a29a47136ccea1c0124a877bd80d5be9e30c973481babfd96cbc23968
b78eb1fe6783933ac78f2e62a1bde67285956387379d1db48e93fbce2bfa64f7
b812025e5adcf99bc32d66e710f2e324739bb300e28bfd98ed2545ca2c068f59
b8240c52015bf2d021c19c3882628a79e21ed4743daef9fcdfb9ada666f9cd35
b8deffaa55f9ed4e7f22f3b2ca18be0e897acd9d9adddab6a3481317dc67c18a
ba5a2163e85179a25680ed144a7be87bda09be67c0116593ebcd327f5bfa655f
ba69c608eb93b896b99720009f5137a8c6ec32d8c3e4e767c703659a6d039084
bab3e3be3f151e604757f54c35b5627db9bc4e327b6194d6f6194d005eb253d5
bc6fb0ce59f27a611b139641dcf8bb0852f28bd09973a8afc32e1aca5b37139d
bdf294d45512e50340e76e3282dc8256e1cd0e73e985e661f70b6cec720f0506
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bebfd8d7c3108f20e4041ba16192da260a3a28227278ad03aabaca802332cdea
bf14d46643ee83805f158f70e9034566b5f76adfbc5c901172c0e4cfce464673
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649
c0eb2d328f5a07da01283f48a3b169e4209402d4fd5138b49a3d4ca0a78ec27d
c5a693ec553fed00d0a2992eb32b82b250e7c64ef7928c117d4c0949b62d4dca
c6c9e5eea4794b721d05fc34c3a8992554547f2a28633258dfffb071eb260cda
c85a8e7c2d1d0583578b2afd3a1ce469797bfa5c9d5598cba25f51f839348ec8
c9de0808d80da692f263ffd35e0eff4b9eca431045110d5b18f015bb6a073e8a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb843c08c69212bf54fe8ae575e8356e40288fa3bedabe27aedb2b5be98483dc
cbf396f6e3fdd00039ce9d2c3097e9b17aa25cf85c318378a212af7e292cbc04
cbfbbebfc4915aeabba6cdd86a22e1c214f3184fd6c0149ef18f99c319a1e1a0
cc8080d30651a7effaa91db3b7370bdd3114922c93d6fa58b25410dabb7124f9
ccfbf42da650e227d286ace78c29607b01974f812cb7ddb07c56dcfdb76ef645
cedb7b7f799a9a21e86620b15c12642d23a1bb731156f081570ce72fac29db82
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d20df16a025ef9046428ce3f5388de419404ce8fa8eafa25f4f4058fd32b9a99
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d538c8e8fc8844b0aed4e49ff156d86c90226cec8d1d003aa590fbe2db27bb3c
d63e008cb5ad29a7c54c3571e7eb33a80bd98fb114a156b51c1037ebc83f7cf0
d69c2337009085d9352dec2ab3469254fc1e6c4685203dc2b4cc7700640561ae
d960e87573e2f0cd823cee70ee932bfcf96f5ff1b08e6223ae1c290646fd6aca
d9ad4b68f410451a407ea6653433470432ca0fc724f4f88c285955fda5bc5747
dbb9f408670126fa8f1a4dee630d7b59d5928e6f8e2bcc8d042e9af33bd9a0a4
deddc2d99e04395e282e14fa4eac9106e4e879a6eee372c6077b5d71e408bd5d
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df802355461f0d1e33a9504bae10944b4995680f09655320b2c21609858e7407
e05e17c22842f1c19fd3c7c12aec5d1ffb58bf43baf91625f23b436f28d9dc50
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e404a37a2dd0c6af68d3d4619b4f8078a5c4b0f49ba628277db4025c9c94bdba
e45b56c8b4931f609b1b9ce5ebd623a17adc751532060d88740cd339243e7b2b
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e7ab956ae2777b87598483e9f8cd2aab53ebfb8640143348fb33f38b98ff730b
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e9e5463af27d51fa85b075910f65558ea33f7f276d31126e331d33e4c9e28c69
ea3b5eac0164671285c0a6e2fd8a0e6dc9ea71f00aab9959a34e927a5e6f5e68
eac0931e09c53c9dc8bd7ecc853fdaae420bfb9ac7d237074da4a809ccdbb998
eb520da67e16f28056bf669e7f82541592b1863077e4cb6666c3a00b8b151a06
edcf6c776146cfb3953cb6bf3ab398999638e45f0158db22d57e5a7737d37a6d
ee24fe7e53826c1ee6fdbb4ee83ecbeb91aa4031a1d13430147c009411f600a2
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3d65f7b58944774499531f1ad26adcca6b8e98e11b17c8a20cd16e1bfb42ff
f13eec16f8d8b93c2f746b89c77d9fb62a9e5628e20d9284df831ad1633df593
f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91
f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f88e2db7e497332b17ea70a3fc9b66c6666af1e1a168893f24735cfebdafced2
f971c786d984ddaceec533086febb2c52f6b6f1b9c6fb038899aa168153afdc4
f9d9d28ffccb125a0a4dd3915d4b20989a57eb6c3e625407099ddf5c4398c843
fb7df0952620e33552c48188cd5877e0c9661c4c0a05a6e87f41af2c9a320a05
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fceaa3a8c3793af6f1537ca3f72c5a7eca9ffde0b96684f986b25247c76a7071
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
fef6d5b54da0d9e0479a9560e9236c70713eab51dbeca880a78ac30067bcceba

www.thelocal.de Open in urlscan Pro 34.120.119.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

379 Requests

99 %HTTPS

38 %IPv6

65 Domains

110 Subdomains

77 IPs

9 Countries

6839 kBTransfer

17163 kBSize

25 Cookies

46 Outgoing links

Page URL History

Redirected requests

379 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thelocal.de Open in urlscan Pro
34.120.119.48 Public Scan

Screenshot
Live screenshot

Full Image

379
Requests

99 %
HTTPS

38 %
IPv6

65
Domains

110
Subdomains

77
IPs

9
Countries

6839 kB
Transfer

17163 kB
Size

25
Cookies

379 HTTP transactions
1 data transactions