www.stripes.com Open in urlscan Pro
3.33.168.159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Submission: On December 07 via api (December 7th 2021, 1:11:39 pm UTC) from US — Scanned from DE

Summary HTTP 411 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 84 IPs in 6 countries across 48 domains to perform 411 HTTP transactions. The main IP is 3.33.168.159, located in United States and belongs to AMAZON-02, US. The main domain is www.stripes.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 14th 2021. Valid for: a year.

This is the only time www.stripes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	3.33.168.159 3.33.168.159	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:236... 2600:9000:236e:4200:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1 15	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
7 14	202.212.180.67 202.212.180.67	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
11	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	3.226.53.204 3.226.53.204	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
5	2600:9000:225... 2600:9000:2251:b000:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:4a00:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
7	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
8	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	35.190.64.11 35.190.64.11	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	3.13.207.171 3.13.207.171	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
6	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.117.200.54 104.117.200.54	16625 (AKAMAI-AS) (AKAMAI-AS)
15	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	18.209.200.15 18.209.200.15	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:223... 2600:9000:223f:c600:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	3.90.128.247 3.90.128.247	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::ac43:1a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.158.176.54 35.158.176.54	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:7e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:223... 2600:9000:223e:a00:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.17 13.32.99.17	16509 (AMAZON-02) (AMAZON-02)
10	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	52.31.239.78 52.31.239.78	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
6	146.20.128.163 146.20.128.163	27357 (RACKSPACE) (RACKSPACE)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
3	18.66.112.117 18.66.112.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	44.237.19.66 44.237.19.66	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	34.225.64.38 34.225.64.38	14618 (AMAZON-AES) (AMAZON-AES)
1	3.217.20.60 3.217.20.60	14618 (AMAZON-AES) (AMAZON-AES)
25	2600:9000:223... 2600:9000:223f:e800:1e:efeb:b400:93a1	16509 (AMAZON-02) (AMAZON-02)
8	34.117.158.252 34.117.158.252	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.208.104.24 18.208.104.24	14618 (AMAZON-AES) (AMAZON-AES)
6	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223e:3800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.209.192.116 34.209.192.116	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	34.96.122.219 34.96.122.219	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	() ()
411	84

36 3.33.168.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1c0ff5298814abde.awsglobalaccelerator.com

www.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:4200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 202.212.180.67 (Nagoya, Japan) 7 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

epub.stripes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.226.53.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-53-204.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2251:b000:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:4a00:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.64.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.64.190.35.bc.googleusercontent.com

unwieldyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.13.207.171 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-207-171.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

cdn.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.200.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-54.deploy.static.akamaitechnologies.com

mc.us2.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.209.200.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-200-15.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:c600:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.90.128.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-128-247.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1a0b (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.176.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

delivery.trinityaudio.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223e:a00:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-17.fra60.r.cloudfront.net

api-location-prd.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.31.239.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.20.128.163 (United States)

ASN27357 (RACKSPACE, US)

ssp.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-117.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.237.19.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-19-66.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.225.64.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-64-38.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.20.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-20-60.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:223f:e800:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)

content1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.117.158.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.158.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-uw2.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.104.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-104-24.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:3800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.192.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-192-116.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.122.219 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 219.122.96.34.bc.googleusercontent.com

gallery.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com ade.googlesyndication.com	655 KB
50	stripes.com 7 redirects www.stripes.com epub.stripes.com	871 KB
41	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com content1.avantisvideo.com	2 MB
36	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	345 KB
28	doubleclick.net pubads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	267 KB
21	2mdn.net s0.2mdn.net	258 KB
17	revcontent.com assets.revcontent.com trends.revcontent.com cdn.revcontent.com images.revcontent.com	161 KB
14	doubleverify.com 2 redirects cdn.doubleverify.com tps.doubleverify.com tpsc-uw2.doubleverify.com	192 KB
14	googletagservices.com www.googletagservices.com	294 KB
14	trinitymedia.ai trinitymedia.ai vd.trinitymedia.ai depart.trinitymedia.ai	718 KB
10	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	41 KB
9	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	204 KB
8	mailchimp.com downloads.mailchimp.com gallery.mailchimp.com	1 MB
8	typekit.net use.typekit.net p.typekit.net	116 KB
7	stripe.com js.stripe.com q.stripe.com m.stripe.com	74 KB
7	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	218 KB
7	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	739 KB
6	lkqd.net ssp.lkqd.net	2 KB
5	google-analytics.com www.google-analytics.com	21 KB
5	teads.tv cdn.teads.tv s8t.teads.tv t.teads.tv a.teads.tv	169 KB
5	pelcro.com js.pelcro.com www.pelcro.com api-location-prd.pelcro.com	201 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	postrelease.com jadserve.postrelease.com	3 KB
4	unwieldyhealth.com unwieldyhealth.com	31 KB
4	googletagmanager.com www.googletagmanager.com	187 KB
3	google.com www.google.com adservice.google.com	2 KB
3	moatads.com z.moatads.com s-jsonp.moatads.com	56 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	cloudflare.com cdnjs.cloudflare.com	86 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	24 KB
2	stripe.network m.stripe.network	16 KB
2	pinterest.com widgets.pinterest.com	565 B
2	reddit.com www.reddit.com	954 B
2	chartbeat.net ping.chartbeat.net	401 B
2	bugsnag.com sessions.bugsnag.com	141 B
1	adsrvr.org match.adsrvr.org	543 B
1	crwdcntrl.net id.crwdcntrl.net	337 B
1	rlcdn.com api.rlcdn.com	328 B
1	avplayer.com player.avplayer.com	71 KB
1	google.de adservice.google.de	792 B
1	gstatic.com fonts.gstatic.com	48 KB
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	trinityaudio.ai delivery.trinityaudio.ai	8 KB
1	addthisedge.com v1.addthisedge.com	2 KB
1	pubmatic.com ads.pubmatic.com	53 KB
1	list-manage.com mc.us2.list-manage.com	2 KB
1	simpli.fi tag.simpli.fi	788 B
1	ntv.io s.ntv.io	113 KB
411	48

	Domain	Requested by
36	www.stripes.com	www.stripes.com
26	pagead2.googlesyndication.com	srcdoc www.stripes.com ad.doubleclick.net tpc.googlesyndication.com ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
25	content1.avantisvideo.com	player.avplayer.com
23	tpc.googlesyndication.com	www.stripes.com securepubads.g.doubleclick.net ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
21	s0.2mdn.net	imasdk.googleapis.com ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com www.stripes.com s0.2mdn.net
14	securepubads.g.doubleclick.net	www.googletagservices.com cd.connatix.com securepubads.g.doubleclick.net www.stripes.com ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
14	www.googletagservices.com	www.stripes.com securepubads.g.doubleclick.net ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com www.googletagservices.com
14	epub.stripes.com	7 redirects www.stripes.com
12	img.connatix.com	www.stripes.com
11	capi.connatix.com	www.stripes.com cd.connatix.com
10	vid.connatix.com	cd.connatix.com
8	googleads4.g.doubleclick.net	ad.doubleclick.net www.stripes.com
7	downloads.mailchimp.com	www.stripes.com downloads.mailchimp.com
7	use.typekit.net	www.stripes.com use.typekit.net
6	ib.adnxs.com	player.aniview.com acdn.adnxs.com
6	tpsc-uw2.doubleverify.com	ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com cdn.doubleverify.com
6	cdn.doubleverify.com	2 redirects s0.2mdn.net www.stripes.com
6	images.revcontent.com	www.stripes.com
6	ssp.lkqd.net	cd.connatix.com
6	trends.revcontent.com	js.pelcro.com
6	vd.trinitymedia.ai	trinitymedia.ai www.stripes.com
5	events1.avantisvideo.com	js.pelcro.com
5	ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	depart.trinitymedia.ai	vd.trinitymedia.ai js.pelcro.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	track1.aniview.com	www.stripes.com player.aniview.com
4	ad.doubleclick.net	www.googletagservices.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	jadserve.postrelease.com	s.ntv.io www.stripes.com
4	unwieldyhealth.com	www.stripes.com js.pelcro.com unwieldyhealth.com
4	cdn.avantisvideo.com	www.stripes.com cdn.avantisvideo.com
4	assets.revcontent.com	www.stripes.com assets.revcontent.com
4	www.googletagmanager.com	www.stripes.com www.googletagmanager.com
3	q.stripe.com	www.stripes.com
3	js.stripe.com	js.pelcro.com js.stripe.com
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	www.stripes.com s7.addthis.com
3	trinitymedia.ai	www.stripes.com vd.trinitymedia.ai
3	cdnjs.cloudflare.com	www.stripes.com s0.2mdn.net
2	ade.googlesyndication.com
2	acdn.adnxs.com	player.aniview.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	secure.adnxs.com	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	player.aniview.com	cdn.avantisvideo.com player.aniview.com
2	widgets.pinterest.com	s7.addthis.com
2	www.reddit.com	s7.addthis.com
2	www.google.com	www.stripes.com tpc.googlesyndication.com
2	t.teads.tv	www.stripes.com
2	mug.criteo.com	www.stripes.com
2	gum.criteo.com	1 redirects
2	api-location-prd.pelcro.com	js.pelcro.com
2	fonts.googleapis.com	vd.trinitymedia.ai
2	ping.chartbeat.net	www.stripes.com
2	z.moatads.com	s7.addthis.com s.ntv.io
2	sessions.bugsnag.com	js.pelcro.com
2	static.avantisvideo.com	cdn.avantisvideo.com
2	js.pelcro.com	www.stripes.com js.pelcro.com
2	platform.twitter.com	www.stripes.com platform.twitter.com
2	cds.connatix.com	www.stripes.com cd.connatix.com
2	static.chartbeat.com	www.stripes.com
1	gallery.mailchimp.com
1	m.stripe.com	m.stripe.network
1	sync.aniview.com	player.aniview.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	go1.aniview.com	player.aniview.com
1	player.avplayer.com	cdn.avantisvideo.com
1	play.aniview.com	cdn.avantisvideo.com
1	cdn.revcontent.com	www.stripes.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	s-jsonp.moatads.com	www.stripes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a.teads.tv	s8t.teads.tv
1	syndication.twitter.com	platform.twitter.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.adsafeprotected.com	www.stripes.com
1	delivery.trinityaudio.ai	vd.trinitymedia.ai
1	www.pelcro.com	js.pelcro.com
1	s8t.teads.tv	cdn.teads.tv
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ads.pubmatic.com	assets.revcontent.com
1	pubads.g.doubleclick.net	www.stripes.com
1	mc.us2.list-manage.com	downloads.mailchimp.com
1	cdn.teads.tv	www.stripes.com
1	mab.chartbeat.com	static.chartbeat.com
1	p.typekit.net	use.typekit.net
1	tag.simpli.fi	www.stripes.com
1	s.ntv.io	www.stripes.com
1	cd.connatix.com	1 redirects
1	ajax.googleapis.com	www.stripes.com
411	96

This site contains links to these domains. Also see Links.

Domain
ww2.stripes.com
veteranjobs.stripes.com
europe.stripes.com
guam.stripes.com
japan.stripes.com
korea.stripes.com
okinawa.stripes.com
obituaries.stripes.com
militarychild.stripes.com
bestofgermany.stripes.com
bestofpacific.stripes.com
letterstosanta.stripes.com
penpal.stripes.com
printshop.stripes.com
www.stripesstore.com
twitter.com
www.facebook.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
epub.stripes.com
dodcio.defense.gov
adclick.g.doubleclick.net
www.addthis.com

Subject Issuer	Validity	Valid
*.stripes.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
assets.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
trinitymedia.ai Sectigo ECC Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.pelcro.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
downloads.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
unwieldyhealth.com R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-15`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
wildcardsan.list-manage.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-09-27`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2020-12-28` - `2021-12-28`	a year	crt.sh
delivery.trinityaudio.ai Sectigo RSA Domain Validation Secure Server CA	`2021-08-30` - `2022-08-30`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
cdn.revcontent.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
images.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
outstreamedia.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
gallery.mailchimp.com GTS CA 1D4	`2021-10-23` - `2022-01-21`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Frame ID: 991988E3D030C31B23138FAD4E1DDB9B
Requests: 203 HTTP requests in this frame

Frame: https://cds.connatix.com/p/141495/connatix.player.dc.js
Frame ID: 1F1A10CDE56D5CE69824CFAFDEAAF9CA
Requests: 29 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Frame ID: C54D8A481DB5CB85131899571F1B2B3E
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com
Frame ID: 11946B79A13A70B48A86C15D53AC62E9
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 51173DBA168A47595FD2312FC8AA09F5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 61B37E9D9C3900002AB28587C2D4EBA8
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: B6E7B9BC8760DB88916335F72ABA4671
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Frame ID: 09BDD24259E2FADBFFCF6C746EDFABF1
Requests: 2 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=4e3293f1-f97f-48aa-bdc7-153301b03b3c&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Frame ID: 176AF3ABCAE5DFD40A0111AF1B14AB59
Requests: 6 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: 08637C3D8B3BA9ECC6526950312E2295
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Frame ID: CFAF29CFC5439F4A7A8BC7BCF2F85B0F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 116A88DE2395B725AFEEBE2B8753020D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: F7F9912B7A9E955220159003B866CE89
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: FD56F95F9FB090562C4E245E23E0E4E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0D6E7544D1736AA0BF17229CB5BA82C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1EE0B87B7D1E273829BF0729837A3ECD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3BDAB35662396F7A69324CA0D2909C55
Requests: 1 HTTP requests in this frame

Frame: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6621C1D75F0F543C720FE5D747DAF8B4
Requests: 1 HTTP requests in this frame

Frame: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20E1A84B3F25BCDFF4C1EF59241FCF4F
Requests: 18 HTTP requests in this frame

Frame: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C1343B3153D7B9149C18B374911AEC95
Requests: 14 HTTP requests in this frame

Frame: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58C950FD420DA1C25510B6051E2188D6
Requests: 14 HTTP requests in this frame

Frame: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A66944D5CE2598AC338C14F52CA67437
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth4d0ImPXgZNNzQVVktHvFH8mWP3_CdGOXAD2l48no80Gx8StyxLhn3oVVxw60EpkVFmXib-s9nUmEl0Y5Ut1cPehfvnTlZEYfkyXAhgn5xhWDgW_dpwoNRpuJqHMaSPR7DS75gdCsl7ApEPyvBCCoA_ae7mQR4fJ8t5cqKm_ISZTSLkuMazE1y5k9cCF1kToxDRQARhegSb9q3e9MkTY9eg-l0qfQKV_oZCHsjo9T7ASZeD5XIgC-p5lRg8sgW1tFCQRr4iqWI5G7TmCCBNrTkWNhlMOM2fnVBKEHZ3KGYls0yXx3lRVAcElP2SU&sig=Cg0ArKJSzDp5A7B2Am6VEAE&uach_m=[UACH]&adurl=
Frame ID: C193E2BB8A324FE15EA5838ABBDA8E6F
Requests: 7 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Frame ID: 2D747884A4702F42D8438FB4BCE1503E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0D116669255893E469244C3A386B3DC4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
Frame ID: 2C5FC8666BFC71FE652574342A510C69
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
Frame ID: 752598F93C7D8ED91CE7B6B6F7A596D6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59F7B6522E4F4D0898557107C6313624
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B28D8F1703BF28E004BBE67185D83279
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 44135E68FFA44F02525978C14425A08B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: 81EF6034C271300C3E305825B30382CA
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: B9F11D61D52D48CE00F7239F25F547A4
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1638882685268-935392687883-006748-004-006714&biddername=55&key=8268148276647502419
Frame ID: 8E7CC79BCECEA858305F76A0E2FC5372
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 3FF4EA7B57DE5792875C135B1776D189
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0165220CA841796D30336CA19A3394D1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E43A912B06ECD430301FF0BABDADFF1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A294805073CCC43DCEB28E8B3BB1CA2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE26E16C9045DC7576294D48005F7BEE
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 10D2ADAAF8E25373DBD057CAA36AF113
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Report says Russian hackers haven’t eased spying efforts | Stars and StripesEmailPrintRedditTwitterFacebookPinterestAddThis

Page Statistics

411
Requests

97 %
HTTPS

43 %
IPv6

48
Domains

96
Subdomains

84
IPs

6
Countries

9545 kB
Transfer

21357 kB
Size

51
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://ww2.stripes.com/subscribe/support-our-mission
Title: Support our mission

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/communities
Title: Communities

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/veterans/valoans
Title: VA Loans

Search URL Search Domain Scan URL

URL: https://veteranjobs.stripes.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/rewards-for-readers
Title: Rewards for readers

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/epaper
Title: ePaper

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/archives-faq
Title: Archives/Library

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/epaper/special-publications
Title: Special Publications

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/apps
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/newsletters
Title: Email Newsletters

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/digital-access
Title: Digital Access

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/subscribe/home-delivery
Title: Home Delivery

Search URL Search Domain Scan URL

URL: https://europe.stripes.com/
Title: Stripes Europe

Search URL Search Domain Scan URL

URL: https://guam.stripes.com/
Title: Stripes Guam

Search URL Search Domain Scan URL

URL: https://japan.stripes.com/
Title: Stripes Japan

Search URL Search Domain Scan URL

URL: https://korea.stripes.com/
Title: Stripes Korea

Search URL Search Domain Scan URL

URL: https://okinawa.stripes.com/
Title: Stripes Okinawa

Search URL Search Domain Scan URL

URL: https://obituaries.stripes.com/
Title: In Memoriam

Search URL Search Domain Scan URL

URL: https://militarychild.stripes.com/
Title: Month of the Military Child

Search URL Search Domain Scan URL

URL: https://bestofgermany.stripes.com/
Title: Best of Germany

Search URL Search Domain Scan URL

URL: https://bestofpacific.stripes.com/
Title: Best of the Pacific

Search URL Search Domain Scan URL

URL: https://letterstosanta.stripes.com/
Title: Letters to Santa

Search URL Search Domain Scan URL

URL: https://penpal.stripes.com/
Title: Pen Pal

Search URL Search Domain Scan URL

URL: https://printshop.stripes.com/
Title: Printshop

Search URL Search Domain Scan URL

URL: https://www.stripesstore.com/
Title: eStore

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help
Title: customer help

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact
Title: contact us

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/miscellaneous-faq
Title: faq

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/advertise
Title: advertise with us

Search URL Search Domain Scan URL

URL: https://twitter.com/starsandstripes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stripesmedia/

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=9TodY0PzYYhAQRjO2L6FRB3WQaDTsX3UD4p1IbUOze0KXV5a%2FrZiPjfKRsBSaIAbI%2FU4br0cOyhXlqOEueLtAzk%2FD8%2BvDCpHcn%2BnpSh38yWY3%2BnJ98P0LKDUSWjVAfokD25xzJUdh3XqdTI3NR0cB2TutKkIxDBFrKbRe5xJrkZy3mMn6EEa7HJoobiRADTGoWEP4Bv7b4m1kGjO0Y8V0KCn0heVBpBahooIKmyBqMXUuZr5ipB4vJFBV1KkAgohzU1pvkooll7nI%2FqXyEQxlL6RHS4aFVqr5KFyX7x6rua58ptgY78fRJaB1aA%2Fi02QWb74iUZNkkZHkfcmniWw5TDDMi%2B05muc2b1pSvRUe4jdlEYOQu6aWuOhO1GBpMvCc%2Fc5RPMmwstoWBVxwbHFM8%2FDqcc6oawiTNrqGNnQXcQYH05nIzvS9luWf2zGXN0qC47sLClmPxm8xsy3YOsXFtZzadOhTZvu5NbpM2UDUxoYiDNjyZAQXTPq5adJBiVCok2DDAPZ4m1pq3uqolLyYPOq8aRNE2gZGEMd6JW4Vis3gpksI3Ra%2BWRQsOIR6P0WCLu9%2B%2F5owkW4FwkarSSupxV7VSCyFBpNUO4u45X6MZ1dXc747yw7WwJBUFNn4DT8kMqmdTJU1KwJuGchF%2B4AHurwHsHckVWywc05bXs0eYUjIPp%2F76g5vzIVBsgoIWzBNCYHafjnCuDE1uNWajtQHjL0nFjjM39nbVA9xk7m08arVyZ8YFip4ZBELmi9lBFbM%2BmKI9Q9oPuhsDvpBkp1cmemOyjwMFusJpJA0uBb6Y85XfQAWZMSerzDZY%2BdZRYtnYIdOOmPNYjovfwsWD%2BhtrROqC%2Bewxsen7EIyZ0wPyA5hhDyuYTj0ynErsdEaUCKWI9TgSf67pJSxFt3XnINkctygBWZKGNtnXz5v6HV4txJ6Wbecxw5dl0qNcfOpsaRzUBSv30gpsEPFrBG%2Fx4VGKPA4dxEt%2FEQIxFQ7YR10c1kWQ6bEAXw0EwTh9MIl6jUH%2FZGCU%2BhwNKQtjN0KGV%2FKu3UHE9xcThkZmbzQtSnurQCQzQT2MiQaeW5bI7iZGEobGDx4c5Ril4NrZ06K7Xv4tEaJjUF3E9FQhDpJECG%2BbOziT6Ii4MfHPn4YCtL7jXvJqCU8ZOwiw7xaHKFWgKiKwYvC9R7XqcQBa1AhGY1hzuycxkY0KAaBHp5JBo0dw7XVwzdyNSzTiGif41NN7iQYwtLFQn8FnNvPUsC0GnTn%2BUz4m9rW3377D5uHI78v%2Bs4UTFqYUtA40cpIXpIT7B3PnIKVNGeaeecp2JR4DQKvU5BBGxv%2B8yoLyfXTjNGx8TV3ImLJIg32KHsTD8%2Fa8QSk8F1Uu29%2BG8QH2gl3D6h7fxgZynDX%2FL%2B9%2F%2FGFS99X5OqxVi7TfOyMyleQK2EJ5Stk%2Bzj8WWw5WYcQ5nB7%2BvjDyI8ULwMsCNYtghb5onYy%2FtpUXp9vhxnRPfBMblOAZ%2BmgjqlJhVU0NL4Pvwa1Jp%2F1s512Q9lbkjMV67vYybUopmGscFc1kmeD67KvIiXWZ7%2BBFGtXvCk6ow9ie02v0034hoJBVN51qFACxGkOPKBa%2B8HWUHe9vxteKiuUllXTcZJR7Ylydm86R%2BnRZutXN1tvPC8IZ7rDQA63EfLD0cTtKxLe3nTKmtZqj7VzvCnl5GEqu%2BnmOnhOZ3B83cckBVZJWUiLnguolHgAfrZEGBouFyv%2FOdIe7GoHk2kmtHol69i5LPZTwTvJ7exip4qtP%2BEYNNMFqimOUI1c1YEsz5CJ44gGJEfUfZM7E9xAGPgBC20Vsh6kf9bEUh%2FZSkn0UPiD6pVKrMWTWscL5Hl7T5XBHTFT7xoPOP1Nn93G3p848HJSO1frtkIsAUP2ESXTJCz5X4RZ%2BfF%2FraEMUr0jcZeiOtBzg5z3G5uTXpTYiyy8Wk3d1LxSODTKLwQVPs%2BAfCCw8W1cePjV5JnkL4AjVPQgWELTxFBb6ECRVe5lDoegf1ie5IYA1H7YH0DYPfmKNimKcdeqCKRqPCugexZyxN9hVnWKNKzmv12IJlB2JkmLx%2Bay8fnGP4igF0gZ%2B3%2FhYqr7OK0285plU2aHh5gMRXrtvLLjSNFBA5Xr3On3J9ygaNA5Ii9qKtHguApA3HrN2wK1I2WFD%2BNw9meLkLZcPjm3r8aiCxNA%2FoSJ%2Bpi3orb43L92hrOn%2BeKuoFri4XNXojIvyNnux762QEJVkE2hQf8rVh2rMzHhEynkCGrXSrZ5RuqoSRFFl4bXr19ofywnpBWxxw%3D&s2s=1
Title: Schockierende Neuigkeiten: Sein Geheimnis Wird Endlich GelüftetAmz Tutoring

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=W013kes5gmXCHkmDveqRULoYdaFzPdsPqK1lKwH9eGiyMo4ND8IUN3vnyIH8n2aRF%2FNRqPyRCJL0pdxzvdr6AOjC%2BjCyFuTEI8DCAQ%2BQvoVEbdCjsDNqNRgvSoSeG5Azh9YIvBnP%2BcwHcZ2fGbxYX2gnU6HfspcLUzk7ZXzikdqYhpzWJbzU9c8%2BpEYDmy%2BXa7g6tZdreFDzCccXtH0BfKLLg%2BcJi4fD0Sr%2F03bIVF4Tpb%2F%2B7CrONj2tTyT84jhoT7HQOi7LW%2F2r0nw6CrR7Si9Gl36C1LAXHbDwZ0qR3DbMA6OBU0dve34W%2FWB8CorNuZFGR%2FwBJ94GgFvmzITAFiJHKYwDe%2BztufRMGFnwhOHLsVFbWS%2BF%2FDvjIhYTDf1gitGndYzSc4WuDLx6A5nOVAJQ7WFquKOm%2BWfilLiBQ91WiZjlWfN0q3Zc28ymrx1Ldn%2FVusbB9oTw9kBEskgi%2FC8VKa0fc8h%2BnrB1zbrwLUC6MRrLYYKg8nzzCv51JJgdCpAvPdB7VNDC7YUQk18Pg6VUsY%2BCBomJNjaMVDx26KRTrO4wSBaO4%2BRQuPElfF0kOP5H4014atOcdJN1RCsLOz3DS%2F4tmfYzhghFTiTVDQ4DIlZ8%2FG%2FVPnWfq1c9U%2FYMxGY2PdKqxSIhumVCUGZEFPrjw8XSg6gEwuF%2BUGXL5iFyPpIkBT6MfDPiPAhzSPv2xtK278aW99DFt6EXMLGbYl%2BY4iYi3v%2FkBBEw7O0KUbXTZcVBASclQGpf1VRdAAT03nu1FTpjUHjOjp%2FGobYKv9vHLx8wurpTMU0dy8y33Gw3Pfxwa559OvhE0T%2FtpOm%2BWaKk7LpElATMz1lOv1dxlhho9ZlpaAPq4cYyxf7j6ynV4rUZXvu%2BaowbfXO%2FE3dhnAJ8wJtVDyY%2F98BROb2Iyd1zhMKpHzM7sNqOUMw4Vp%2BMnTLgnSVJuc%2FT5VxXSAJPLm3PQOylZ8Y8p4tEWcS0pu%2BLGwwcem5YpuxGBoWlu7pt0OjtBPvDUHOvP%2F9hgbBz4vwg3bp5KxTnWT7TpRAWfMw8B1DJAJBvOykqVyBDVvYgGhnM3HjwH77bLaudQtRDM%2FkVAS382JIEcFGcGcv2It7xC1bZh2KjpmYymJQalrDhsAcY3q78wGZi%2FqV95ozDX6fqzgRbUUceTDttXnAubpolNfiD%2BLJwP1e6JjzBOvIKhRivt6VG4n8WXwJei1nnW5wJWN4sFH%2BoGGvjuJI8WHXTXsbVnukNhHDz37v7FUYeIeWm7ADL4H6U%2FQTEx5UotnuBBBT1PemjBTXKL7LdEJq4Sv9tWx%2FP%2F6YeOugZ%2BEXlGNy1VIm0jO1Tf%2BEvzgFcKBvBa9ykSxkJDTcQG7AcS3Gs86vtBOHqaYnAvOkVn1XiJ9sc1xNTuwc5Q8wQM7qyL9z%2B8gcD9FCs94C1UwknCtQkIoERr6EhwdUIG6Y%2FwIwuNv%2Bnk23aYh737QSqjyNT3b29i69mTkslw9AkbQkepnc50HSpdiRF0vXUMLrizvOuXTcVzpbDXdXK1SiXjUi5RlLWzZsasF50JUffcrT8BQ%3D%3D&s2s=1
Title: Here Are 23 of the Coolest Gifts for This 2021Trendige Geschenke

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=K3IcvYz4ABI6zP6srETABEp5s%2BiFDOEKwgV3K9MQ85kZC8QO61CjPoXWC7ovydnIyFhZ6DIeRJnWeJKMwTvKYjp4Tit3s3v68wPqC0aQIAOlSJwFkftUD9eUTdjbujX5noxSDwfERkefOTItwdbWbxyo%2FCqaQjFCAfgEBjHHnyXXsy%2Bbub5qvTMUA2sLTy%2BwI9wRw%2Bi4a0nGU3%2B6LVjhixHqTVQ6K5v0X1daR1ykxZiZ8WE2kZaJV3NSjO%2FGD2OZj7tkIo51%2BE9%2BW3jZy9EM2nJ4Jop%2F%2FD0hufcknRWlg3btjMnJtMN4w5BuOUSWkLp1NRpK1vEk6aLy%2FMY5UERy2FGc1aD3Zkb1gUL%2BEFeOAgF89XOv2LBrQw2I9pPRnawuzylGPKhwhB%2BPK4UdRHpwIinRNuLerc45kxeq2t34omlwdAXQArxdzzUwkAI4nyW%2B18BfqIHzY1Cx5CIJ2wR5DzM25jqCEpvvoLYJdd6Y%2FAtqxr0ZwZ0JxYc8FUPmg26WM%2FsDAMWVfONV5LzoHtLqr09nvydjekAI0Zq7PGR%2F7a%2Bfh7K8tqKL2J0hJzJqGWvwmzbliu9KNKNgKZoc9DVQ2dK839x7L197qmwsEZUZhQEDQnudiPuqlW2%2BNa6nleMARwHNpqrCjWVF4XVkwoyy70sBakbOYn1jHUn8cb1PjgNEEhdKqZNDbL78MLdPwcoGvW7TDx6tUY%2B1w6jZY5p1bZEex%2F5L133TpHb%2F0QTvSmqsfW4fdPeMWGmpwaFTmkx0Iv7DFsoAOwirOMI2gUneG90b3kzwSojeaKarOzfXbHg5QNAecTE5XD2eheMgIRjZveQEvJQ67sJFdsFj5ZacEGxO0X8MFln0FP%2Fh%2F%2BnLaAApE6ssRBID1RAQ0avFdPRnPAiGjm7cEXLMxjd7lG4i8YxExvUUOzNj0vh0P6uuPkIy7Pl3LnwVPeIRst%2BSPfipuFSX5%2FJHZCD7OGFUHhMzzzui7apYqx0xbxWFHjm1RUkVmESA%2FImY2ZqxoFwHAjXe3To3WecSCXCEW%2FfIrDinkih5M1F4z3PSp1SB1Q4M744isENxXu8yT%2BuVkPxAScxNeLSWAP7VDFo%2FuNOPZxzUvDhSPySIuwh0DCMwIQOWjugzxQXSmNY%2FI7RfJVmO9SXhMAal2i2dY90yqn2oPOtCiaF%2BM0kUGegqNB%2FLDczxPOdDSfugTU9B1B0224aCtUTekbbQyjn1ZBg8LLgky7YlkOfVYMFIgmg1ldJHsbJ33N2%2Fn%2Fwcyq5hPdy39WZJn96uAw39D8rz3UascaCtC9HMANjgGawJk5pmehTq9PQWXKiXG7Z6dLmSZ%2Fx3w4w76hnVbua4jyeD7m1wiRPfyP4KiyEN8OLPlOAuW9BM53%2FZyEYz2sVSoG5Rvle7OslIMWPKEa85AE72%2FX4kLDiP76uKc1zLdqq6JLWv22bbm3yEcKMB1D2isO%2FnLDKjCki2xXN3uKOpnMW2672ovTyYXrukmhEn45cccS58Qxd0TOhyXI84bd2c50%2Bbzv2uAZvSnA1BDT0voT9edd5EnkmxyQihqKu9a%2F3h%2FSPXd4%2BW1auw2PUy%2FXYB%2F2phh4FYyp0fvr6sEX7Sn80M8FbZgB2pCjwY1w%3D%3D&s2s=1
Title: Remember Her? Try Not to Gasp when You See Her Nowpopcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=zjU0ITp%2BAE2dRflr1x%2BXxpmvs0KxvXrW6DU2x1CwuvZzVpPPPCOwra84L2ThEffYmi46QXll5l6s3Fx7TcOX%2B2bhzsKlhGBt4%2BW5L7F55EaBaI1UEHHLzDBtL1JNZcpxIqWwK3oTxgZstNPpqvwmx%2BW%2FGcWFxxr6tOZrPYNNyfkB4QU%2BaphsjPIqj5zrJ6G4Kr0BhvfiwSHY0b5mtEVWVafKWj2d1rCPlw%2F0ZHUevZdVK9YJlTEkmZMU3ncAYEvZZiL04BdwB4xoFXo6XqMrY954VpnH%2FSLDA0wgd8d0JcfkDd6Q5cLpurlR4yWS7dDjX4c4giBtRhb3SJjtE3P3q1azEz30mrB8e8Cg7hkCPQ3zldhHaco1ZCZyADXdozGpF6vqf4iqyrIJ%2FfQwlb6SUJTWexkcrmhZBa1bJvu%2BDNa3eKlT8QNOX5IMVUY8FQLR7trT69Eb%2BOn7xRsX8%2FsvZ7kCsZFwoE%2Fh2dP%2Fu4VUhgoQQfYVJ1OJBBbdz3uZBic4a2gfkFEfOlurHRyFYsR8wQqHJsnbcbmMOlXLURNm5gXYhHNLt7pnEOv77tBJvmAjL7Rtji2RrmzKr%2B%2BdLcRZFhztD%2BxYjBH1yFEPDC96vqtLMHTPcImO0kzQCjCBeazNiQTNWZ%2F6UfbHdmvTWqoi%2FdUsVr2kORzB5DxwRMgrHFKH99nlIzSK6NUM6KZDsEnYnqxn4XY%2FsCSz%2FHQHSkT5AIRAA%2BI0yCFjQQDJKHzv971CuufTvXovk%2Fy0Oe5hvPHTFszxe1r10D4qT1pXMnplhHaIZ2O%2B1n0l%2Buy3y9MH49LHJ0hGIBt5XSK5g1KqMMouy8xL2YljQyBF%2BJVllulpW1fWX7R6PCdjdSjVA5%2BiTOk4nUHhiGUZ8U7BpHK%2BUuCZgHYZ38v8y3FCRdxV88ThyyvCbFn0Eicc9RasSjvpIv2JheXVMQyq7eRaZBdvPJS1M8ik5Hz%2FU7ERy%2FRffe9LHLNndguCXqbpGrKakjRw40rojzGic3njwsW8ZqDDMZcKQBYQ0D3P%2B8JUInLl%2FJS%2F744QT8EnLTuDsoFCrbf24cymFZVy84XNfTAzsA9bTHHSO1XwnBCv2i2yhHG4is40a1Su1rIN0%2FoPhCihdoRQLkCHPUZXL3CXd0SWFAPPkpvQxTpUlIvn1ZME%2FvUxSSJ0mZeaZGNtKfiYg18eYveJv5ftUe%2BhHec1aqZvuj5e7jgLdn77zR14nE8Gm6Pq37OKlTRLkeD8hxRXvM9%2BdmTA7BOZUZMcf3EqYfi1%2BUOdzKopO%2BbP3UYnZnmMdMRLZVyJ%2FBYndn66j96KCvDFEeXrE3BKrQv1gKRie65U9%2FmZNCS7saty07vTS9TCR%2BNCCqpB9g%3D%3D&s2s=1
Title: Anyone with Diabetes Should Watch This (Big Pharma Companies Hate This!)Fitness New Times

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ZKlFGiI5P7I4SdQqO8XRnlUkJIc6lQGO29GHZUlzXu5JoIVFcM11ieAa%2B6Cq6WXTmZ97i80rykd7wjVTX6bcCFVcGWBZFQWEAC0AuFCvTwtHVwtM5%2Fhz6RoCMZuWykrHH47THBJL81%2Fpsbo1F9YGytl8%2BnEhiDXrxnOCrKjEIC%2BnbqnU3Z%2BBFb14m5Jw1b8mD%2F3qjWdOhMgNKu5RILvEyy1i4GgGPMTNXs%2BWgw05ItXxlJwRk1jCZL%2FZD%2FnJ%2BKQuXzTxNzsmSBgEbYPxTRcV%2F4uTfJVFVw8gH27RHGx0Oln3UandA1C%2FLUhM0pmRmucwpULLdVd9vTjl4RxbqD1G3OxhsufVQQFNBMAe9%2F14ZUH%2FI8kn9Z%2BIAaVgyt5Lj%2F925oR1EVBTVKFrOssLlMAHztIlzmkj13sdEvNBDukd%2BLV62yw%2FRcTJubliWEe%2BhoNEo4Mhj4xIhUUMXT1KN3JjQ3ZuHwdaocYNaMHu5eTbqfoB1NeBiYajP4h5gq41X4wRCj5uWOYby%2Famr2l2z3rqVa9lpj%2FBFXhRPxTNNQcor3ySXRoct3wfspM%2BbID2AOI4rjp5LO3Rdx6Lp%2F%2FB9hBt5E%2B83GvBb3e5wxU3hiKq7yOno1ZUNTL7lDgGJmQ3opUr9Ig0ziquCCVnd2%2B%2Fh5enKVPZ5e9l3b4x6EzIaYn5d%2F4UNn93u%2FGSTW%2FKDIoLZEEWALx8BjXP1zZxAFbnQKJGokVL93W6TLnieUREzIbDPL%2BiLcpriWhsUTulanrTdhvRV6bbJKpd5xE%2F%2Bx1oo%2B52ge8pADoDjom1Oq1jHD1xwWcFOiip0b%2B4eCQGps5%2BHW13xfMpYxpr5WRQgIVHwPwhRb53uAklX3SRiTLNQ3RFyGgzWgrrHwXo%2By91BzdHmZz%2BkpdrNGUKruF4o9%2FdDSxDffB44ssK6eed4JFh8MdQnbCLtNXZDj7btcldrq5TdNbjh%2FpAZGpji%2FMFEAoz6P63Ynvjx%2Fi7MTB6YTGcttPxyQc9GV0IybODpcq3L25tBKEVAOoLP5c%2FY%2Bgw6eaUy0RxpSSb5xxehGBC7Q3zsbx%2F8aMieYGeVCHY8%2B81uRy6jkeYizbfID3Mpyox1q1TUh0E9urFatt6W4M%2B5tPgaUZ6xiz6YNV34p8mYJP2MJJ%2Fm3mDxIluH2a8LHbDU1uzWhmqNQRdZvQdrbyJA4YHLeGr0Rtsk150G%2F5B90s52qzsFQLihcAm9cxD1mMVPhNXgO3bdroblRbcSwiD1oPncjwJqp2UyQgavw721Fd7MbOb3KIVUmRUHB6wg96vXtvCBRrZobaQAZgLlcH4NUkSXlO057oI5EJGGzcOcTCap%2FIfkwAlfKOuEGP5JY2KR0jhGHVwFllVEb3mVnn9Y5AJi1aMktKXR6TP9VxaiE7cTbD9lO6IM8Ucm%2BlgXQ%2FzsC8b0uWJnQ%3D%3D&s2s=1
Title: At 56, Laura Ingraham is Still Single and Now We Know Whypopcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=dVVKnyDjm2cI9dl%2BqcEqRUW1Ek%2BiaAJEqzHKUUG%2BEB%2FuACK8IEWjmwSbf0AVSd%2FUL7Q9tLGmzKJ7zSQxU5L%2B%2FqQZnkylHL3T3uL72aJUM%2FJuLqQmzxBxX83Im%2Frg3LR7SkhtVejCZ5bJupI2vnzHy6ZuzM3AE0LJqtt2BrVfQtPT1dPKmdvcleubV2lW3jkbWwZ7w0fgJRZx3jHRaduR51VO2kxaWxEXE21oK8htvKk%2FrJvQaYb5GYVN8VwcqYm7uoC%2FPB4GSdz4jKDmiZG3J706ble6VbkZkx2ghLZDAIxstk4AZH7q08rcca70lTGAC3JjHXi3Pm3rVg3S0dL0UirGeDMrI%2BibxlWipH397Lfo15Qgw%2Fh8qIL6oWypw0c0zJgBSZYJ%2FZKtNEYR2npYfd36ZaAUOrflQcfjEWRduxRzeKaGERCR%2Bcd%2FBS%2BKXPipskkZEaHqXKrx3b%2Fwzux1Ucuen5AOutqKgBb%2FhZExnoxpqsFA5qcVkzC3ZT29NwaVvGFq%2B3QCGzNUj0ILa33eS%2FWd9LkJ84QsEzwe7I9EMvC5hX7SdC2fOu8%2BGSxMZOE%2FM8UxHyJ9I91k%2FOLPKFxylhTnmTznDPkef5vBpjIXx523MqbITXLd6KBwGK%2B9D2Q5vQ8d1GWed5CGQ6fIW5gPvjsCtVoLHAXEdMrAzRkWwxQ%2FeLJDxiNMX5xYcdVavCCazGVbKhWQ9Cj0MWn%2B9yIo3fNGw3wwVrkCxBucK2%2FsByuTnEmlJJkyBEVxITDTDujzf2EqrYJUs%2FrGStcy%2FaBoE7sXhtRVC4ZZbq7Og4f%2FpBqhG6uFPxOcaPhPMVGxvW7Yh6ZnYn%2Fy9xFkW3kHHNcWfRzkVfCxu8ATGvuPACwaXGIAF8HedaU%2FUUtepgzQOoZ6usDcZ50k9nUJryc5onyU8gWq0WlEDTq%2FWxl3xu%2F%2B3mx%2BoFRrl4LVox403VnbQwZKMWpp09dI7h4av3Iup4OAKChSQoLYUlQCa%2FC8upHhXaOwP6QPsAmsvXqyifCHnAf0UPZ%2BstZz%2FgEWd%2FSi3hB1N383cWACUpQqLBY2slbdcxMYcu4TNJ5As5XcmUhUWY1SBqsUKYZ%2FAC2tzXk8kAHdTU92GuIf%2Bry9gU1Fny6HWdys5%2Fv1hDRqkG0epql2bVNsgDYwLmnd2N2jlejMEp2ykhE1F2rzf%2BwmQDxrDyOrA8AS3LxpKMTkjFgx%2F1ZFWYxbxBDflTSnGrpVsNbpKOdzKP%2Fj9x4OREzC%2FZfqgu4%2BVBFW3SBJYQzLaA%2BVx204iMEkzSWCS0Ix0WrL2LY02MNf0r5bJHOQ2UyHvJmUAINXMVyIJYb0hf0pSlLKYFBNSjPIglZ9%2Bo9fTKLoWx%2FipARSXpGl%2BNBlyVzUCzA434YzHVPpSnGmz9beIBzp36Sym2yni6xLxUn%2FIdjQB5sNzeVGcGV7%2BLGwuV%2FytavjsxDJKBrpKuGfO4OVrx7DSHKYkj%2FO&s2s=1
Title: Try Not to Gasp at David Schwimmer's New Plastic Surgery Picspopcornews.com

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=GSS_GSS_latest
Title: Today's ePaper

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=MID_MID_latest
Title: Contingency Edition

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=SCOM_EUR_latest
Title: Weekly Comics

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Stripes-Europe_latest1
Title: Stripes Europe

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Best-of-Pacific_latest1
Title: Best of the Pacific

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1
Title: Welcome to the Pacific

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Best-of-Germany_latest1
Title: Best of Germany

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Transition-Guide_latest1
Title: Transition Guide

Search URL Search Domain Scan URL

URL: https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1
Title: What's Up

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/about-us#about/
Title: Our Mission

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/about-us#history/
Title: Our History

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/member-services
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/directory
Title: Staff Directory

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/archives
Title: Archive Services

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/contact/reprint-permissions
Title: Reprint Permissions

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/help/web-notice
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ww2.stripes.com/stripeslite
Title: Stripes Lite

Search URL Search Domain Scan URL

URL: https://dodcio.defense.gov/DoDSection508/Std_Stmt.aspx
Title: Accessibility ⁄ Section 508

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstARFflOhpvclyxF_GwPSZscJglsiVQROBINJCFbYo7BIRDyZHExpRGEe997X7K_ITtE9IVHch8k1vCx-KKdS0jwLJRlENe7ThgrOUx-PJXjYd_4d4E5MTzSardBp_LNLKZOnCVufpNsoqaDEGF_nj_ZFpotediorS6ar5g-xbHdX0PSfF_j_BvHXA1o9qTnicgWGM8RlOsjW92BGYqCk4_PkaQvSoVa90Xt095iStIrT3s6fFseT1BPZrTd5X4iN63jtRGKyoYWa6TQLDWzm8cr9j2ZZG9gtXfGz-e5iTE-WQcWPSm7XeKDsY&sig=Cg0ArKJSzCrJqmJH4EOZEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://commissaries.com/come-home-to-holiday-savings

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/141495/connatix.player.dc.js

Request Chain 31

https://epub.stripes.com/?issue=Stripes-Europe_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg

Request Chain 32

https://epub.stripes.com/?issue=Best-of-Pacific_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg

Request Chain 33

https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg

Request Chain 34

https://epub.stripes.com/?issue=Best-of-Germany_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg

Request Chain 35

https://epub.stripes.com/?issue=Transition-Guide_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg

Request Chain 36

https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg

Request Chain 37

https://epub.stripes.com/?issue=GSS_GSS_latest&page=small.jpg HTTP 302
https://epub.stripes.com/?issue=GSS_GSS_071221&page=small.jpg

Request Chain 132

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mfI2znxEbTRPV2xqbnRhTUZleVBRb1JDN0RSYXdhc1BpRzRKZHlscHNWZUgySUNON3o4b2ZEa2Nob0h3QzFCTzZuZHp4MDVpb25zZk0wUHV2a3QrejhzeFZrTEExekxiTlJrYzlCSnlNNEdxTVJwTGRNc1dldzc4MnM1T2oxSVJsSDdVOVltV1pieWNBZVBSREpBaS9kZjRiMWNtY1RnQytMY0dlWkJLZ3E0V3R4Tk5oU2ZqVGY4d3Bzdk1OMGNtb2ErazZVL2tqMzc0cDhic1UrcVhSKzlpYjhiYzc1TVBicnI1NjlyTXdjQUs2THlrenhWSEs3M25ZeVhZL3JXUGxKV0o4fA&cppv=2

Request Chain 331

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638882685268-935392687883-006748-004-006714%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1638882685268-935392687883-006748-004-006714%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1638882685268-935392687883-006748-004-006714&biddername=55&key=8268148276647502419

Request Chain 334

https://cdn.doubleverify.com/redirect/?host=tpsc-uw2&param=akipv6&impid=64bf0c137dd740f9b9a5c61eeae1c5c9&cbust=1638882685409148 HTTP 302
https://tpsc-uw2.doubleverify.com/event.png?impid=64bf0c137dd740f9b9a5c61eeae1c5c9&akipv6=2a0f:9441:5:0:e5::1

Request Chain 335

https://cdn.doubleverify.com/redirect/?host=tpsc-uw2&param=akipv6&impid=a0b2fae83eda4ac2be1b50945f1ff889&cbust=1638882685412511 HTTP 302
https://tpsc-uw2.doubleverify.com/event.png?impid=a0b2fae83eda4ac2be1b50945f1ff889&akipv6=2a0f:9441:5:0:e5::1

411 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request report-russian-hackers-spying-efforts-3877293.html Show response
www.stripes.com/theaters/europe/2021-12-06/ 86 KB
87 KB 310ms
116ms Document
text/html 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 49692e53747b1183fcd9e7ab01b98d190fd42907cf43dd7e66327cf6c63a3039

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 13:11:21 GMT
content-type: text/html; charset=UTF-8
content-length: 88352
server: nginx/1.20.1
x-request-id: 716cadde-9430-4ac0-bfec-bab97d96b6b9
last-modified: Mon, 06 Dec 2021 21:44:06 GMT
etag: W/"819fa2199d598948734bdba3ad66162a:25"
x-cache-backend: web1
x-varnish: 31498033 19866787
age: 262
via: 1.1 varnish (Varnish/5.2)
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1
x-cache: HIT #1/262s
accept-ranges: bytes

GET
H2 200 ad.js Show response
www.stripes.com/theme/js/ 3 KB
3 KB 148ms
147ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/ad.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: ae5f478837031e705c3b4542b833f76979fcd122da5be00bc8e483e65ffb774c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 12 Aug 2021 13:32:36 GMT
server: nginx/1.20.1
age: 159
etag: "611522f4-b00"
x-cache: HIT #45/159s
x-varnish: 30223571 17882833
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 2816
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.0/ 91 KB
33 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 16:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33140
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Dec 2022 16:21:50 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 75ms
8ms Script
application/x-javascript 2600:9000:236e:4200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:4200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:24:51 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 2791
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 857b0dca772798c338c78a1be69c955d.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: UxvHbM3728FePEdOdRZnQqTYRml6byxdiEU7afbLC0xr5cGlvoEfMg==
expires: Tue, 07 Dec 2021 14:24:51 GMT

GET
H2 200 ltm0ibz.css
use.typekit.net/ 7 KB
1 KB 36ms
18ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ltm0ibz.css

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

06d35a9ff5c57d6b6a4175f5c8cd4fe62db29f6217f8aa695ee6a19d404a3bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 07 Dec 2021 13:11:22 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 954

GET
H2 200 layout.css
www.stripes.com/theme/css/ 173 KB
174 KB 100ms
99ms Stylesheet
text/css 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/css/layout.css
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 3e52eb23477a407a5206fe459e5bac03ac80ba94bf7505f50cc6db89bef5fece

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 02 Dec 2021 14:56:49 GMT
server: nginx/1.20.1
age: 228
etag: "61a8deb1-2b559"
x-cache: HIT #65/228s
x-varnish: 31884824 32942704
x-cache-backend: web1
accept-ranges: bytes
content-type: text/css
content-length: 177497
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 font-awesome-all.min.css
www.stripes.com/theme/css/ 58 KB
58 KB 148ms
147ms Stylesheet
text/css 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/css/font-awesome-all.min.css
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 21 Oct 2021 14:19:41 GMT
server: nginx/1.20.1
age: 200
etag: "617176fd-e7d0"
x-cache: HIT #54/200s
x-varnish: 29409426 24028736
x-cache-backend: web1
accept-ranges: bytes
content-type: text/css
content-length: 59344
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 stripes-logo-black.svg
www.stripes.com/theme/images/ 19 KB
19 KB 111ms
105ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/images/stripes-logo-black.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 786608e1d8ab9470008057634c4724717661f6f23c71299952812c80a0d195b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 01 Jul 2021 16:50:58 GMT
server: nginx/1.20.1
age: 154
etag: "60ddf272-4a32"
x-cache: HIT #35/154s
x-varnish: 28520485 34703154
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 18994
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_twitter.svg
www.stripes.com/theme/icons/ 517 B
807 B 112ms
107ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_twitter.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 0adba3a8e675d262942cd7c59f61fa77dac5f4208ec40f4ea8c371fe23de681a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 295
etag: "60a5e7ec-205"
x-cache: HIT #71/295s
x-varnish: 30882377 36936507
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 517
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_facebook.svg
www.stripes.com/theme/icons/ 391 B
679 B 112ms
106ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_facebook.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: ed838fb7bff02044f6fac6255ee96e585e9262f980074d4c5124e037c7560461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 191
etag: "60a5e7ec-187"
x-cache: HIT #41/191s
x-varnish: 32541592 26193726
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 391
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 12-6-21%20russia%20hackers%20ap.jpg
www.stripes.com/incoming/h4zbnk-12-6-21-russia-hackers-ap.jpg/alternates/LANDSCAPE_910/ 69 KB
69 KB 115ms
110ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/h4zbnk-12-6-21-russia-hackers-ap.jpg/alternates/LANDSCAPE_910/12-6-21%20russia%20hackers%20ap.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 46f975127b0271949b852ac0000962cad7abd905b7c3823fb9e95fd705db3ea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 2498
x-cache: HIT #2/2498s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1
x-cache-backend: web1
content-length: 70567
x-request-id: 38dced95-5bd7-4f41-a60a-385349ed261d
last-modified: Mon, 06 Dec 2021 15:37:34 GMT
server: nginx/1.20.1
etag: "1638805419.576381-70567-3224967988"
x-varnish: 29409427 30577008
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 18:29:34 GMT

GET
H2 200 icon_email.svg
www.stripes.com/theme/icons/ 587 B
875 B 112ms
107ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_email.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d22b82ea285890ccc7f07c9d088ee0b8dfce954a7ba6edee0aa172ebb008aba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 116
etag: "60a5e7ec-24b"
x-cache: HIT #26/116s
x-varnish: 33626129 14205734
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 587
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 icon_copy-link.svg
www.stripes.com/theme/icons/ 699 B
987 B 120ms
116ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_copy-link.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: c6e73dfccc73993c0049628cde8275d770a65a7db1e91cb51e22e19471163e4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 58
etag: "60a5e7ec-2bb"
x-cache: HIT #14/58s
x-varnish: 30223572 35523278
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 699
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_print.svg
www.stripes.com/theme/icons/ 591 B
881 B 112ms
107ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_print.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a995e987ced454f9eef260cc88c42417619a2d043edceec971eeb8c7a0760c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 244
etag: "60a5e7ec-24f"
x-cache: HIT #46/244s
x-varnish: 28520486 35299055
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 591
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_add-this.svg
www.stripes.com/theme/icons/ 509 B
797 B 125ms
121ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_add-this.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 7b8100025a6d492ac82579830ad0951e275ab2963c29327f70704611c3f31376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 58
etag: "60a5e7ec-1fd"
x-cache: HIT #13/58s
x-varnish: 35954292 30086610
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 509
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 61ms
28ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCJSRBS

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

494f22d40034ec300048cce1fb5f7c55b33ff0d0bda515601c1ab09103d301fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29672
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 13:11:22 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/141495/ Frame 1F1A
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/141495/connatix.player.dc.js

1 MB
232 KB

20ms
12ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/141495/connatix.player.dc.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e60582034f65d16de4f819915890368c95457aaa31fcc4359db38ca0463890ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 09:27:41 GMT
age: 13383
etag: "9e5437bb03a17e394d9d2738938ade90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 237330

Redirect headers

location: https://cds.connatix.com/p/141495/connatix.player.dc.js
date: Tue, 07 Dec 2021 13:11:22 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 6947738.jpg
www.stripes.com/incoming/j5bmtu-6947738.jpg/alternates/LANDSCAPE_290/ 11 KB
12 KB 123ms
119ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/j5bmtu-6947738.jpg/alternates/LANDSCAPE_290/6947738.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6f2dd9d0ab5064cfba034ce6b9c29ad004ce7848a2b98a23e74599bd47756617

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 9089
x-cache: HIT #1230/9089s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 11586
x-request-id: 39835238-f261-4d6b-888a-92803af5a61a
last-modified: Mon, 06 Dec 2021 22:06:58 GMT
server: nginx/1.20.1
etag: "1638830237.9944081-11586-498537641"
x-varnish: 33005742 25041867
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 22:37:26 GMT

GET
H2 200 AP21337620631353.jpg
www.stripes.com/incoming/xfc8e4-AP21337620631353.jpg/alternates/LANDSCAPE_290/ 12 KB
13 KB 127ms
123ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/xfc8e4-AP21337620631353.jpg/alternates/LANDSCAPE_290/AP21337620631353.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 3b0ef0bd525bcff611dc01476da691b03557ef78c1ba0d4c32cfed1dcc9afda4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 1765
x-cache: HIT #378/1765s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1
x-cache-backend: web1
content-length: 12678
x-request-id: 20e212bb-461c-4f40-802d-4e51012bfee0
last-modified: Tue, 07 Dec 2021 12:34:29 GMT
server: nginx/1.20.1
etag: "1638880916.362276-12678-3871020694"
x-varnish: 29362197 17510327
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 08 Dec 2021 00:41:56 GMT

GET
H2 200 081221HAWAII-WATERphoto01.jpg
www.stripes.com/incoming/q04gxz-081221HAWAII-WATERphoto01.jpg/alternates/LANDSCAPE_290/ 12 KB
12 KB 124ms
120ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/q04gxz-081221HAWAII-WATERphoto01.jpg/alternates/LANDSCAPE_290/081221HAWAII-WATERphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a9ea961f8e82970a5b4424be715ff788e75a0178f5dd9112dc33ee60a6393fdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 27150
x-cache: HIT #2654/27150s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1
x-cache-backend: web1
content-length: 11922
x-request-id: 32f2504a-9a99-45b6-a191-887d047facc6
last-modified: Tue, 07 Dec 2021 05:08:32 GMT
server: nginx/1.20.1
etag: "1638855454.3721447-11922-3448969868"
x-varnish: 22542603 22672714
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 17:37:53 GMT

GET
H2 200 12-5-21%20leo%20and%20rudolph%20blitz
www.stripes.com/incoming/m434e6-12-5-21-leo-and-rudolph-blitz/alternates/SQUARE_100/ 2 KB
3 KB 128ms
124ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/m434e6-12-5-21-leo-and-rudolph-blitz/alternates/SQUARE_100/12-5-21%20leo%20and%20rudolph%20blitz
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 26a3448b13492179a8982952c2efcda0e7df69fc7eb55a36867f506941b88c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 10456
x-cache: HIT #1482/10456s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2
x-cache-backend: web2
content-length: 2497
x-request-id: ab22279b-c6d6-42a5-aac2-07097ea54152
last-modified: Tue, 07 Dec 2021 10:09:29 GMT
server: nginx/1.20.1
etag: "1638872225.2547336-2497-3092128229"
x-varnish: 31238939 33173988
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 22:17:05 GMT

GET
H2 200 6927339.jpg
www.stripes.com/incoming/xjyvug-6927339.jpg/alternates/SQUARE_100/ 3 KB
4 KB 123ms
119ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/xjyvug-6927339.jpg/alternates/SQUARE_100/6927339.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 259850f83e3a24cba1fea6a790b7658c126095659447a8d01f30dba16b7bb727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 16246
x-cache: HIT #1873/16246s
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2
x-cache-backend: web2
content-length: 3272
x-request-id: e518423a-0da7-4ddd-b2ef-3fe3c871cc34
last-modified: Fri, 03 Dec 2021 21:29:08 GMT
server: nginx/1.20.1
etag: "1638866416.1418316-3272-747574528"
x-varnish: 34703307 32997847
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 20:40:16 GMT

GET
H2 200 061221OKI-BELLphoto01.jpg
www.stripes.com/incoming/3a41m7-061221OKI-BELLphoto01.jpg/alternates/SQUARE_100/ 4 KB
4 KB 128ms
125ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/incoming/3a41m7-061221OKI-BELLphoto01.jpg/alternates/SQUARE_100/061221OKI-BELLphoto01.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6933126c960f29b96062ee13ff114dc584eb622a9e8ecb3502443d03eb87c810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
age: 16790
x-cache: HIT #1876/16790s
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1
x-cache-backend: web1
content-length: 3834
x-request-id: 5867e89d-fca8-41ad-836b-7fdad1247055
last-modified: Fri, 03 Dec 2021 03:32:26 GMT
server: nginx/1.20.1
etag: "1638865891.9055135-3834-1351424186"
x-varnish: 33824236 33172175
cache-control: public, max-age=43200
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 07 Dec 2021 20:31:31 GMT

GET
H2 200 icon_twitter-blue.svg
www.stripes.com/theme/icons/ 512 B
799 B 124ms
121ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_twitter-blue.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 21eb6119029f2c6a6bada03dc288b036f90a33d21d54484c9f3b1934e695e07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 62
etag: "60a5e7ec-200"
x-cache: HIT #13/62s
x-varnish: 34019278 26264215
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 512
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_facebook-blue.svg
www.stripes.com/theme/icons/ 463 B
752 B 129ms
126ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_facebook-blue.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 594c78bda3126ce363abbe3cea4ade221a042406e6961f7cc6e57d82ae5e15bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 206
etag: "60a5e7ec-1cf"
x-cache: HIT #36/206s
x-varnish: 34972663 33396351
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 463
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_coronavirus.svg
www.stripes.com/theme/icons/ 1008 B
1 KB 125ms
121ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_coronavirus.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: f1e25a67c85672b425315d6418b881db426ea8fe7b103f0f32dfa7bde1953472

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 180
etag: "60b93fc0-3f0"
x-cache: HIT #32/180s
x-varnish: 26264389 33625957
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 1008
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_camera.svg
www.stripes.com/theme/icons/ 462 B
751 B 127ms
123ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_camera.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 00694c22b65462919f7067f79231cc2d916f31c0276c2cf521ed5d9fca9392df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 180
etag: "60b93fc0-1ce"
x-cache: HIT #31/180s
x-varnish: 36772733 34972528
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 462
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_typhoon.svg
www.stripes.com/theme/icons/ 990 B
1 KB 125ms
122ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_typhoon.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 4f009bb37f58e77fd17b19201645f0d9b4a3bda5f5cd02ce426b1824eada501a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 177
etag: "60a5e7ec-3de"
x-cache: HIT #29/177s
x-varnish: 32350576 34703107
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 990
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_speech-bubble.svg
www.stripes.com/theme/icons/ 248 B
536 B 127ms
124ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_speech-bubble.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 545e6c6766ef438509eac05b9ee5165b7be7ad145178ccce6517c3a31d171c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 106
etag: "60a5e7ec-f8"
x-cache: HIT #19/106s
x-varnish: 29469227 31563111
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 248
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 icon_newspaper.svg
www.stripes.com/theme/icons/ 442 B
731 B 125ms
122ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_newspaper.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 9ce64f411c03d71f1998fc920980b74b51ab42670d1aac8c0b6017cf041e5c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 109
etag: "60a5e7ec-1ba"
x-cache: HIT #17/109s
x-varnish: 17838196 32834062
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 442
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 icon_comics.svg
www.stripes.com/theme/icons/ 574 B
863 B 128ms
125ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_comics.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 129f1bdf202d3fe70065aa13e821201cd22e8d4088d4dee3d13ad71b5f903b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 128
etag: "60a5e7ec-23e"
x-cache: HIT #18/128s
x-varnish: 36968154 35918639
x-cache-backend: web2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 574
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 icon_report.svg
www.stripes.com/theme/icons/ 415 B
704 B 125ms
123ms Image
image/svg+xml 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/icons/icon_report.svg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 28a60f54b774bf33169679db4aa42ac5715a9e3e703a47420a1c9afcc7781f75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 03 Jun 2021 20:46:56 GMT
server: nginx/1.20.1
age: 128
etag: "60b93fc0-19f"
x-cache: HIT #18/128s
x-varnish: 32737329 26165494
x-cache-backend: web1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 415
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Stripes-Europe_latest1&page=small.jpg
https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg

22 KB
22 KB

254ms
254ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Stripes-Europe_170921&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 7df648eb8dcd2ab8a07798dfae0448842682b16253a4d348be5fa47a956da8c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 21949

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Stripes-Europe_170921&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Best-of-Pacific_latest1&page=small.jpg
https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg

34 KB
34 KB

253ms
253ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Best-of-Pacific_160721&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: e9953887eb310250b15b622eb85aa87fe1868db9cd86bcd09f4c9b71c345fdc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Best-of-Pacific_160721&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_latest1&page=small.jpg
https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg

30 KB
31 KB

246ms
245ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Welcome-to-Pacific-JO_140521&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: efd6f7d3912d8e7201c7df80b3d632ae03a1944cc1b3a47e7d9aea57eda3c461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 31140

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Welcome-to-Pacific-JO_140521&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Best-of-Germany_latest1&page=small.jpg
https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg

32 KB
32 KB

253ms
252ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Best-of-Germany_190221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: c658ff53576fc6aaddd37277f911c657dea0ea05d273c7c5656031faa04a31dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 32142

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Best-of-Germany_190221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Transition-Guide_latest1&page=small.jpg
https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg

33 KB
33 KB

256ms
255ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Transition-Guide_111121&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 59ba60596a51fcd5f9dfed3a4cf796227c8b0e416e6ddabc96e37cfb0c7df49e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Transition-Guide_111121&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=Whats-Up-RHMN_latest1&page=small.jpg
https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg

23 KB
23 KB

249ms
248ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=Whats-Up-RHMN_011221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: 432fe9d967d439d9f3fb4a499593238d4039491c1509a2d40fa182b3e19d98be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 23298

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=Whats-Up-RHMN_011221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1

200
OK

/
epub.stripes.com/
Redirect Chain

https://epub.stripes.com/?issue=GSS_GSS_latest&page=small.jpg
https://epub.stripes.com/?issue=GSS_GSS_071221&page=small.jpg

31 KB
32 KB

255ms
255ms

Image
image/jpeg

202.212.180.67
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epub.stripes.com/?issue=GSS_GSS_071221&page=small.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Server: 202.212.180.67 Nagoya, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: Apache /
Resource Hash: add8ad5f27d28f9ff3cb71641a6890b5431da4deca36a28e633ad1dbbaa0aff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 32022

Redirect headers

Date: Tue, 07 Dec 2021 13:10:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: /?issue=GSS_GSS_071221&page=small.jpg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/ 60 KB
19 KB 36ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment.min.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2784865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18876
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-ef85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVvh5Q1jf2WOckBCw%2BOM03iUYC1mzsKUJnyDKZdc8vEneYJXbGtjD2duOHl6iGWe8EPH5mLK23T3nBKAe%2F8xhwFutnlfbZ4GWJEFV15Ne7j48Q%2F27cW9hTV0BCD2hYoymo1PCiCScMLtqHM3XsfIl%2BLP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dffdbab19696f-FRA
expires: Sun, 27 Nov 2022 13:11:22 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 135ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/669F)
Age: 822
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 192 KB
62 KB 147ms
26ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:44 GMT
server: AmazonS3
x-amz-request-id: AET69BBCV1MGRB01
etag: "1b7539202658ec387521e3f67c07c9e2"
x-hw: 1638882682.cds016.ml1.hn,1638882682.cds214.ml1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63414
x-amz-id-2: Wdt/re6Hkdd/qKBpdhIcFQ+ZgSZPLHQtl/WQaqhZnUi/tATlQk1zmFD6JhBLxTp6aELQBFZKqx4=

GET
H2 200 sss.min.js Show response
www.stripes.com/theme/js/ 991 B
1 KB 108ms
104ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/sss.min.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: d25cf1328a0760adaf95e35a9278df7a085c9c0a821faa05a75d7a3e482f7ed3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 128
etag: "60a5e7ee-3df"
x-cache: HIT #38/128s
x-varnish: 30605410 31563104
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 991
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 jquery.oembed.js Show response
www.stripes.com/theme/js/ 66 KB
67 KB 99ms
95ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/jquery.oembed.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 4f5210b63799c504ea7499a6d11733c9848fcc115a661c784059611d07d5de08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 191
etag: "60a5e7ee-10943"
x-cache: HIT #52/191s
x-varnish: 33626126 33954212
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 67907
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 main.js Show response
www.stripes.com/theme/js/ 4 KB
4 KB 110ms
104ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/main.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: da756438a59e52da1ab54dd8d5d602e8770c4f7e021df212c2d89ba563199719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 09 Sep 2021 13:36:54 GMT
server: nginx/1.20.1
age: 262
etag: "613a0df6-f7b"
x-cache: HIT #70/262s
x-varnish: 30605411 21833902
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 3963
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H2 200 embed-card.js Show response
www.stripes.com/theme/js/ 358 B
652 B 108ms
103ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/embed-card.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 2956f7b2aef18a4a79ac487f3a1d70cebc1a8a4352f7460b1048ec66e5028ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 254
etag: "60a5e7ec-166"
x-cache: HIT #69/254s
x-varnish: 33626127 34382262
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 358
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 poll.js Show response
www.stripes.com/theme/js/ 2 KB
3 KB 110ms
104ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/poll.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: b66de84a754ca07ce6dc6936fc3ee8c8a8c8046a3258d46bf83876eb286634e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 211
etag: "60a5e7ee-912"
x-cache: HIT #55/211s
x-varnish: 30882376 13087986
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 2322
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001605/ 5 KB
3 KB 329ms
109ms Script
application/javascript 3.226.53.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001605/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.53.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-53-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 87aa4dcf6160f0e2083c260799c9abc73062e0fdf4568a038c6274100ff5070c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 2089

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 386 KB
113 KB 139ms
30ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0bec30fdc58f653275abe6e090a89e9ba89c52e8d20a66da1d4a14bb33a1b19c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:22 GMT
Content-Encoding: gzip
x-amz-request-id: SDSEYG3RR0CBH73G
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: sebf1y83pn4hFzK1Dztd4c4nVA3afkWQ9JfYScgPttlf2Z936T1dvoTAa1Rma1qpopFcLA+ClC4=
Last-Modified: Mon, 06 Dec 2021 15:30:59 GMT
Server: AmazonS3
ETag: "0d413afd66cdb5bb87f9538e1d9436b7"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 755212c0-9d5c-0138-7835-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 0
788 B 78ms
16ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/755212c0-9d5c-0138-7835-06b4c2516bae

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 07 Dec 2021 13:11:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: Fr57HdQEuh18FX2FJhIh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 31 KB
11 KB 97ms
26ms Script
application/javascript 2600:9000:2251:b000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 83526
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 13:59:17 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: tfXGaiIWh083tc4aK1omttVsnyl1AQ3f8z9wrEx5uc86hS-3a1M5Iw==

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 265 KB
67 KB 72ms
18ms Script
text/javascript 2600:9000:223c:4a00:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4a00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f1819026c806a90d255de37b5dcbaa697ebe215f13dfbe3c11466846de16c60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:47:18 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:13:20 GMT
server: AmazonS3
age: 26645
etag: "06d52f4a258d8948be6b5af90ded068a"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 68278
x-amz-cf-id: yLgwRqELmGkFV3hk-zGrAfhBFjL1IVrY2r3ky6fQNsm10YVbcHizcw==

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 128 KB
46 KB 49ms
12ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Nov 2021 15:14:40 GMT
Server: AmazonS3
Age: 19
ETag: W/"7ab9fd3318ef228deb0ec630a29c7cbe"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: 4YF8-rGt_ou7owPnDZmipkhY6H_H8ihyFnBDSOql97PaRVE_aHJ9Wg==

GET
H2 200 newsletter-popup.js Show response
www.stripes.com/theme/js/ 369 B
662 B 110ms
104ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/newsletter-popup.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 7f347580a7b031cfa6fc35eb046691b615875a9a791e75be3e39b821949ea600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 22 Jul 2021 13:36:32 GMT
server: nginx/1.20.1
age: 205
etag: "60f97460-171"
x-cache: HIT #55/205s
x-varnish: 33626128 24063761
x-cache-backend: web1
accept-ranges: bytes
content-type: application/javascript
content-length: 369
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web1

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 66ms
12ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 07 Dec 2021 13:11:22 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 esi-parser.js Show response
www.stripes.com/theme/js/ 5 KB
6 KB 112ms
106ms Script
application/javascript 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/js/esi-parser.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: a7b96aae8e27bf932c36b6d28d81ff38091c23b43165c59da9272dc3d0eda219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 68
etag: "60a5e7ec-151e"
x-cache: HIT #19/68s
x-varnish: 30605412 35330822
x-cache-backend: web2
accept-ranges: bytes
content-type: application/javascript
content-length: 5406
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
36 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4439189361722f9cbe741de6fdbf4462efcfe252b9e62014e81c90d5f9632349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37113
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:11:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90662e93c28e80af3190c38906686ddeef7e606303c972302a86a89a0d70509a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61846
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:11:22 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theme/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 792 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27030
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:11:22 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 12ms
11ms Script
application/x-javascript 2600:9000:236e:4200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:4200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:52:13 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 1149
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 857b0dca772798c338c78a1be69c955d.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: _VcB7jkyVVtaummk52E_PFO496k-ei8jZbmhtmmet6p3x1k94JvwxQ==
expires: Tue, 07 Dec 2021 14:52:13 GMT

GET
H2 200 v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn Show response
unwieldyhealth.com/ 103 KB
30 KB 266ms
225ms Script
text/javascript 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

87bef7a775e345b65d1d933586a87a9b88b26ba7d0fd7185d78690305978e2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "0bcd02cf05f69f3f45655a94400ef1cdaff291ffdc805dec132bb67f2d6f714f"
vary: Accept-Encoding, Accept-Language
x-hostname: e47ab626
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 07 Dec 2021 13:11:22 GMT
timing-allow-origin: *

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 30ms
14ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ltm0ibz&ht=tk&f=4750.5022.5035.5178.5310.5416.13728.13732.13741&a=23587097&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/a1f0a7/00000000000000007735ab08/30/ 15 KB
15 KB 277ms
255ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a1f0a7/00000000000000007735ab08/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a269fb78e485537faa03fc97623ac40f73045e9bb3bbdffe99f791e2c42388c7

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
server: nginx
etag: "b572f0bd95b8852b4b5cc172a1eca0f4af231e96"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15516

GET
H2 200 l
use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/ 24 KB
24 KB 43ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c28538ecd935a02cfe6a710b9d5222934f7d089617d6946da5ac2d28eecf4403

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
server: nginx
etag: "627a859e573624681b7c0bd15fd678fc8c9b8590"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24212

GET
H2 200 l
use.typekit.net/af/eae76c/00000000000000007735ab13/30/ 15 KB
15 KB 56ms
37ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eae76c/00000000000000007735ab13/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5f671f08f9fb9359472f84a258dfbf3b6345842b2a694e9f76ea8f728db788c8

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
server: nginx
etag: "e3f91c477dd19e9a0fedbace5e88820ce219a983"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15088

GET
H2 200 l
use.typekit.net/af/cfd773/00000000000000007735ab07/30/ 15 KB
15 KB 64ms
45ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfd773/00000000000000007735ab07/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8eba40f39772c493ecc0fd53cdd43d1f5dffc562d3436c55763d70bc82280a58

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
server: nginx
etag: "4c9391c3cb3a51e8c1761375e24a182226b1d64d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15372

GET
H2 200 l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/ 22 KB
23 KB 74ms
54ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
server: nginx
etag: "59a89fb61f21a3edac30327928f715dcac504cdb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23004

GET
H2 200 fa-solid-900.woff2
www.stripes.com/theme/webfonts/ 78 KB
79 KB 98ms
98ms Font
font/woff2 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stripes.com/theme/webfonts/fa-solid-900.woff2
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theme/css/font-awesome-all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://www.stripes.com/theme/css/font-awesome-all.min.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:10 GMT
server: nginx/1.20.1
age: 154
etag: "60a5e7ee-1397c"
x-cache: HIT #22/154s
x-varnish: 30223573 33004478
x-cache-backend: web1
accept-ranges: bytes
content-type: font/woff2
content-length: 80252
x-cache-host: Front:CUE-WebCACHEb.stripes.int Backend:web1

GET
H/1.1 200
OK si
capi.connatix.com/tr/ 0
188 B 417ms
103ms Image
application/json 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=22487b42-1752-47d3-8988-89edc0ddfb08
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
access-control-allow-credentials: true
server: Kestrel
Connection: keep-alive
Content-Length: 0
content-type: application/json

GET
H2 200 player.css
cds.connatix.com/p/141495/ 53 KB
8 KB 7ms
7ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/141495/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7f7a2dc8aba3c3e447f512c5db932f05241c1441b2188d87abf759b1a85295c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 09:27:41 GMT
age: 13384
etag: "eb561df918de3fc2dbd966c4d0470447"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8321

GET
H2 200 / Show response
trinitymedia.ai/player/pulse/2900005504/ Frame C54D 6 KB
4 KB 123ms
109ms Document
text/html 3.226.53.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.53.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-53-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d8452fdd481bf78482c9705a70bb7dc2bce13ca314da1ea6bf424090ff870385

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-type: text/html;charset=UTF-8
content-length: 3113
server: Apache
cache-control: no-store
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 newslettersignup-bg.jpg
www.stripes.com/theme/images/ 33 KB
33 KB 115ms
115ms Image
image/jpeg 3.33.168.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stripes.com/theme/images/newslettersignup-bg.jpg
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theme/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.168.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a1c0ff5298814abde.awsglobalaccelerator.com
Software: nginx/1.20.1 /
Resource Hash: 0641c5c4150eec9082db44493a7168d300718a478e28b628c37f766b2bf83aa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/theme/css/layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 varnish (Varnish/5.2)
last-modified: Thu, 20 May 2021 04:39:08 GMT
server: nginx/1.20.1
age: 0
etag: "60a5e7ec-8242"
x-cache: MISS
content-type: image/jpeg
x-cache-backend: web2
x-varnish: 17838197
accept-ranges: bytes
content-length: 33346
x-cache-host: Front:CUE-WebCACHEa.stripes.int Backend:web2

GET
H2 200 l
use.typekit.net/af/c00e0b/0000000000000000773599ad/30/ 22 KB
22 KB 194ms
194ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c00e0b/0000000000000000773599ad/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ltm0ibz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d396c4d9cb7175c15080c9f60c5af11eace9815f2a39cabdc3b2679df39b2d8

Request headers

Referer: https://use.typekit.net/ltm0ibz.css
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
server: nginx
etag: "e1769aec92cb7819665871889d342767f1277ab4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22640

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 233 B
531 B 145ms
111ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=stripes.com&domain=stripes.com&path=%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6f084fa4ecbadf7b5887620d8b44f6149f59af100727265daa8d15894e90a44b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 178
x-served-by: cache-hhn4042-HHN
access-control-allow-origin: *
x-timer: S1638882682.482151,VS0,VE104
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 05 Dec 2021 13:11:22 GMT

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame 1F1A 9 KB
5 KB 482ms
133ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 5b9a694df5c1ca8937592d3ad5a9887983915500a1556178818006785adcf95b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 4633

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/ 319 KB
49 KB 185ms
87ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001605/?pageURL=$$PAGE_URL$$&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f10c2ef28bc741f9ffd0a2eb720cc51407d45e6c6b4c5897cbc742ff9a8d590a

Request headers

Referer: https://www.stripes.com/
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 10:13:15 GMT
server: AmazonS3
x-amz-request-id: JM4G86FH6E83Q84V
etag: "e87850ff89db5081afccae0397ae4582"
x-hw: 1638882682.dop019.ml1.t,1638882682.cds202.ml1.hn,1638882682.cds011.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49629
x-amz-id-2: devBmdRO7EF77FDf7INO7uqnawF1WXkGSxiwgeibdCW1S044wgXZmRDf8Zmje+Zid2/aY1WepVw=

GET
H/1.1 200
OK format.js Show response
cdn.teads.tv/media/ 107 KB
36 KB 52ms
12ms Script
text/javascript 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.teads.tv/media/format.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7537c0d704d7f0d6b79f06f3335e189f39168ef66c0aafe0f4b4643b6143c924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 14:15:11 GMT
Server: AmazonS3
x-amz-request-id: QPS53VFJ517KGKPV
ETag: "4a63743cc5bc95870e096fabaaf59f91"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=100
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 36760
x-amz-id-2: 9/h2KkKfZWjA8mDdtsKiQpdZjeybM48PoM1LUEoiQ0ou99pSRGdmurJ6L5MTx57vutrJP/sWIJk=

GET
H2 200 form-settings Show response
mc.us2.list-manage.com/subscribe/ 2 KB
2 KB 219ms
181ms Script
application/json 104.117.200.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us2.list-manage.com/subscribe/form-settings?u=f141047f5265cca1bca1a0c28&id=0ab8697a7f&u=f141047f5265cca1bca1a0c28&id=0ab8697a7f&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.117.200.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-54.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 2f4629aee73fb98ef3be17dc61010858661ca7a569706ae546916ddbb29163a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
vary: Accept-Encoding
content-type: application/json; charset=utf-8
expires: Tue, 07 Dec 2021 13:16:22 GMT
cache-control: max-age=300
content-length: 929
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 3 KB
1 KB 73ms
46ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-europe&sz=6x1&c=3679297484&m=text/javascript

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5f7962f7f059b8001253ba4605733651fc005676b8e7ffc7b9ac5a6ded16ff1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 750
x-xss-protection: 0
google-lineitem-id: 5828607266
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373224122
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 376ms
161ms Script
text/javascript 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: dd556a1812337610f3da1a08917dcb5e46b7eca3cf2323db0c2d35d2d2b3ea3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 959
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 app.js Show response
vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/ Frame C54D 854 KB
230 KB 85ms
21ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/pulse/2900005504/?playlist=//delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: fcfae5623bd5f8b47ad998684ef0c9230258a6415a9fe3699dfb44601a6b557c

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 10:13:17 GMT
server: AmazonS3
x-amz-request-id: 4V5H3CVTG4W9GNES
etag: "582bed967074c94d3313cda93307ecbb"
x-hw: 1638882682.dop019.ml1.t,1638882682.cds202.ml1.hn,1638882682.cds217.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 234938
x-amz-id-2: RvGyRXVdp5dHEHUzVgm/gWCYacddhi/+LQgLSaZNb730VfoH6pQ5u2gtYIxhd4lSCyTWtKgtCqE=

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 23 KB
6 KB 53ms
14ms XHR
text/plain 2600:9000:223f:c600:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c600:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aec59c0803f49421ffcc6011dc42f89fc1b8f08d525116f1a348b25f362c942

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 10:56:49 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 10:54:20 GMT
server: AmazonS3
age: 8153
etag: W/"ae71ccb26170052ef12b62d80459df1f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: GT9UNwIzsvdPDKUWlcpF5f5JAQ7jlTe-5DKSrKpmeZZs-5Rub-Dptw==
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)

GET
H3 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
116 KB 837ms
819ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:11:23 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 86 B
716 B 43ms
21ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.stripes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

00479816b3ec247bebe149cc083fb40db68e7c3bae96998c67d0dd666d509c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:11:22 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 172ms
144ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:22 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
141 B 156ms
155ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.stripes.com/
Bugsnag-Sent-At: 2021-12-07T13:11:22.607Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:22 GMT
via: 1.1 google
bugsnag-session-uuid: b0ddedf8-3b97-493b-a542-58147cbfd949
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 15117444711140237065
tpc.googlesyndication.com/simgad/ 80 KB
81 KB 42ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15117444711140237065?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6903418cd2cda134ffc4048149352b8d5cb27928117a0d204ea27e73e448f48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:57:06 GMT
x-content-type-options: nosniff
age: 422056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82320
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:54:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 15:57:06 GMT

GET
H3 200 5632065328601309286
tpc.googlesyndication.com/simgad/ 19 KB
19 KB 34ms
14ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5632065328601309286?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f6d6747a20379285899eb273e878ce5e180fc9e8aa5463c5b00989f23a1beb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 02 Dec 2021 15:57:06 GMT
x-content-type-options: nosniff
age: 422056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19660
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:54:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 15:57:06 GMT

GET
H3 200 13711484568623043557
tpc.googlesyndication.com/simgad/ 89 KB
89 KB 44ms
24ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13711484568623043557?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b110085568edfe15a234de5f8bda3a838be46dfeaea429c9be7abb483c2a08b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 591416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91336
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H3 200 17033718985352900333
tpc.googlesyndication.com/simgad/ 22 KB
22 KB 31ms
11ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17033718985352900333?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3cd4238bdd3dcd7e0710d584323a16a922ca222a7f6c632a3b4c45aaac3aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 591416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22656
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H3 200 17163776189481263682
tpc.googlesyndication.com/simgad/ 31 KB
31 KB 36ms
16ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17163776189481263682?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a5bd42df0226330e4a8f965446c7d5536a11c166ac0472f47ce9948379b1470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 591416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32056
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H3 200 9150966138789081389
tpc.googlesyndication.com/simgad/ 44 KB
44 KB 42ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9150966138789081389?

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a090ab7df6161fa67c307f4aa50667bf976b80226dada40fdfaedbcb007922ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:26 GMT
x-content-type-options: nosniff
age: 591416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45056
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 16:49:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 16:54:26 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 64ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48773
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 36ms
9ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=150594
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Thu, 09 Dec 2021 07:01:16 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 1194 319 KB
103 KB 18ms
18ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 60858
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 07 Dec 2021 13:11:22 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/stripes/ 7 KB
2 KB 63ms
55ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/stripes/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abdf35269b8e8f726d2a7f79d31a8323212d7b48f10bacc3632ae5334531922e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
etag: -623866452--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1457

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 173ms
137ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61af5d7ac7e3c4fb&bkl=0&bl=1&pdt=389&sid=61af5d7ac7e3c4fb&pub=stripes&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.stripes.com&fp=theaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=report%2Crussian%2Chackers%2Cspying%2Cefforts&colc=1638882682694&jsl=139281&uvs=61af5d7a826c1259000&skipb=1&callback=addthis.cbs.jsonp__306630451765502960
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3eb386e21eb5583a5f003aeb5409c0d15c44cdffb9a81c756ab77f9a9e5980ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 5117 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 61B3 71 KB
26 KB 34ms
34ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 07 Dec 2021 13:11:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame B6E7 42 KB
15 KB 39ms
14ms Document
text/html 2600:9000:2251:b000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e9a0d0147f7293806755528e5777e0a138386a9020049c039cb2735b80d613

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

content-type: text/html
last-modified: Sun, 21 Nov 2021 12:17:53 GMT
x-amz-version-id: 4rqYHrMhihq8E.nYI35gRFVBXpN.exIW
server: AmazonS3
content-encoding: gzip
date: Tue, 07 Dec 2021 01:14:36 GMT
etag: W/"a602e0797ed12b929b825522f0044c3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: dxYlM7ao311uoJDBCQrlz_NrOUS-7VvkIfvS8d9NXcRtJqw67J4w3w==
age: 43007

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5779
date: Tue, 07 Dec 2021 11:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:35:03 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 29ms
14ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3BD5CQRB6&gtm=2oec10&_p=1438699464&sr=1600x1200&ul=en-us&cid=1111837929.1638882683&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&dt=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&sid=1638882682&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3BD5CQRB6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TCBWEF5WWR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-714126-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92571a8ee603b82a9995106eca9ecbd32136d179cd51b3dae1346f75c9f9a1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62015
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:11:22 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 314ms
102ms Image
image/gif 3.90.128.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=stripes.com&p=%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&u=CElGviDY6fr0TlXp&d=stripes.com&g=66270&g0=Europe&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5704&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1068&t=By-3nTD0PZW_CQgmptBI_8tz8PXO3&V=129&i=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&tz=0&sn=1&sv=tcBvrDg9pZxDHq9_LCm5MrExWE0B&sd=1&im=06530c4f&_
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.128.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-128-247.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 41ms
8ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js?202112713
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: 8G4FCY9EJQFCP9KZ
content-length: 134154
x-amz-id-2: u5enqnqO2qs7T3Tdlq74X3CL2G3xDR5o8Ji8S5nSjZsvV6DHW/LIob+XeNYFNOumIcFLfog+ABk=
last-modified: Wed, 01 Dec 2021 14:15:44 GMT
etag: "0f5a10a3dedcbbaf710854a2c3f5c144"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: b
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 07 Dec 2021 13:41:23 GMT

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 3 KB
2 KB 140ms
50ms XHR
application/json 2606:4700:10::ac43:1a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=905&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe31c3672f7d2135a661367f3114cc9e37a60eb368f0f1032c8f8f4cf80efcc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67
content-type: application/json
content-length: 1267
x-ua-compatible: IE=edge
last-modified: Tue, 07 Dec 2021 13:10:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
cache-control: max-age=0, public, s-maxage=60, max-age=0
accept-ranges: bytes
cf-ray: 6b9dffe00b825c20-FRA

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame C54D 0
0 84ms
9ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 rss Show response
delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/ Frame C54D 33 KB
8 KB 101ms
20ms Fetch
application/xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.trinityaudio.ai/v1/playlist/3hp5nyrp/rss
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 26c48516c152ae0905611bb47e85fd5aded8f9a5c69e1b928425a0dae94f5bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
x-hw: 1638882682.dop001.ml1.t,1638882682.cds202.ml1.hn,1638882682.cds020.ml1.c
content-type: application/xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=477
accept-ranges: bytes
content-length: 7981

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame C54D 0
0 78ms
9ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/pulse/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/js/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ 0
0 64ms
9ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 css2
fonts.googleapis.com/ Frame 09BD 2 KB
967 B 50ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-injector-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 12:06:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 13:11:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 13:11:22 GMT

GET
H2 200 trinity-player.php Show response
trinitymedia.ai/player/ Frame 176A 8 KB
5 KB 122ms
122ms Document
text/html 3.226.53.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=4e3293f1-f97f-48aa-bdc7-153301b03b3c&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-injector-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.226.53.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-53-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9e08d748ad1f6634e1a9d67cae1450a74baf516fe980627bf4372922da978eb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-type: text/html; charset=UTF-8
content-length: 4315
server: Apache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 34ms
7ms Image
image/gif 2600:9000:223f:7e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
age: 10616209
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 6KZP-QAbB-_JLm8guU_a72F7N1cDN8E85XxKoSImT-pmkXoXIuplyw==

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 101 KB
31 KB 12ms
11ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 24
ETag: W/"459011526cbe745c65ba1b165285fbe9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: mwFEHeUJ1ksiBRuWC3jjtYodUJcXS1tIPs2XA_E60ey40PJTxDdLFw==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame B6E7 66 B
818 B 153ms
150ms XHR
application/json 2600:9000:223e:a00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3ef9701cd1606f758c50b500bc84712fa4dc3d1462c532ff314705d1ae934ea7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 e37b7824685046c107e13d08c43993fd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 66
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 13:11:23 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: AxYMcKoeWms41O3KtyvL9tsaGTJplTi3hMkFrg6lKh35X-3G4fo0gg==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 206ms
153ms Preflight 2600:9000:223e:a00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 e37b7824685046c107e13d08c43993fd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: PSirgAfYKE-ujk8L79JZzOsYU1J5JFUvY0JpgNvfUpNJm4QKokvSgw==

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 14ms
14ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TCBWEF5WWR&gtm=2oec10&_p=1438699464&sr=1600x1200&ul=en-us&cid=1111837929.1638882683&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&dt=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&sid=1638882682&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCBWEF5WWR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
api-location-prd.pelcro.com/ Frame 0
0 127ms
99ms Preflight
application/json 13.32.99.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-17.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Tue, 07 Dec 2021 13:11:23 GMT
x-amzn-requestid: 6aee5df9-7b37-4d7c-862c-e50e118f42fb
access-control-allow-origin: *
allow: GET
access-control-allow-headers: Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id: J-uLQG6loAMF8xg=
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 5b6e22c950501920595c86fc25834583.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: IdnS3y6EmTr4SYjAdRuSUW5nHe9NVaGMfoOp2_v0bsH2h_2agT96dA==

GET
H2 200 / Show response
api-location-prd.pelcro.com/ 348 B
743 B 292ms
292ms XHR
application/json 13.32.99.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-17.fra60.r.cloudfront.net
Software: /
Resource Hash: da258b81d3df5f07743d1dff543d2654c1a25d8d416848af80201c23ab1688b6

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.stripes.com/
X-Pelcro-Sdk-Version: 2.5.6
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
via: 1.1 5b6e22c950501920595c86fc25834583.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: bb04c1ee-27c1-4948-a5a6-a20bc5d1807f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61af5d7b-2805cfee722ed480695ab00d;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: J-uLTGGCIAMFW_A=
content-length: 348
x-amz-cf-id: pedEg6rQxtdEn_CVNFphDenleASHXFafcGYF58PstuueJzDIG6jvvg==

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 102ms
102ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
26 KB 18ms
18ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 849 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27030
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 13:11:23 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ Frame 1F1A 852 B
835 B 26ms
6ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b7e48c138e4a89704f115dce26161a11723921358d5021fd40095c1463f62d25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:43:28 GMT
age: 1249408
etag: "22e82baa3451d58ece0cc49e9ffdd561"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 598

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1F1A 374 KB
124 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:11:23 GMT

GET
H2 200 2_media.bin Show response
vid.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/ Frame 1F1A 649 B
570 B 12ms
6ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 436a16ee0cec77e60f40d2183ffe0a550a673f36ed9cd338183d2ec512c7113a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 10:04:47 GMT
age: 31842
etag: "ee6acc73696bdb482a28cbd30672b035"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 480

GET
H2 200 3_media.bin Show response
vid.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/ Frame 1F1A 774 B
644 B 12ms
7ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3047b6acf0c2384e67db5839544faaf6f593ff62ced8d38d418d63650cf767a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:57:14 GMT
age: 1688702
etag: "e5c30d159939f2a879ae80ea05ccea69"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 553

GET
H2 200 2_media.bin Show response
vid.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/ Frame 1F1A 639 B
535 B 12ms
7ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: beb708126effaa6d24be5caa1736fe0caad6775e8ae88630af8a489d9effff4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:31:55 GMT
age: 1253141
etag: "b563b46c5f47c9d47cff3e2dd828623c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 443

GET
H2 200 2_media.bin Show response
vid.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/ Frame 1F1A 697 B
741 B 15ms
10ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 22f285b13c847acfae37b653367aec4453e570bd7d61158422db8cb1c792b3de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:28:21 GMT
age: 1256824
etag: "3a8707752cfffc75b70b5341333df4c6"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 503

GET
H2 200 2_media.bin Show response
vid.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/ Frame 1F1A 581 B
520 B 12ms
8ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b5a6c2327ddb59d4323e1159dca0f60b36fd0d53a37311361d562cdfefde34e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:23:05 GMT
age: 1253142
etag: "a1d399ed504b799427c2cc0fc871292a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 429

GET
H2 200 2_media.bin Show response
vid.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/ Frame 1F1A 854 B
660 B 11ms
7ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1de247a80c68ee0c81d7dc38982eca90e34e4dd39d9a1ce6a83a5ca5241fb336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 02:28:53 GMT
age: 1692478
etag: "033ed44cabc23d7efee8014ab2ad3d51"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 569

GET
H2 200 3_media.bin Show response
vid.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/ Frame 1F1A 326 B
383 B 10ms
6ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c263104b538a4ee08d885431b5f576e8ff68e9ce2d57df821c8e6bb917bfc159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 07:50:51 GMT
age: 39129
etag: "35c7e9de562330852a3eac3e15ca7eaa"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 293

GET
H2 200 2_media.bin Show response
vid.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/ Frame 1F1A 374 B
408 B 11ms
8ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c638ddbf6cd3019073fd3a9bb98bcc425e085c7e100ab65d11a6b12030f7e43d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 23:06:44 GMT
age: 31914
etag: "d5281272e3aaba9909a1c47493594190"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 318

GET
H2 200 2_media.bin Show response
vid.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/ Frame 1F1A 429 B
451 B 13ms
10ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/2_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4903dd620e413c6ea166611db7586c9cb2e7d1a557c98053e8c99537a5f18fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 10:04:35 GMT
age: 50454
etag: "a82d6722dcc7f8107b56e192dc305a09"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 361

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.stripes.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1606
date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.stripes.com%2F&domain=www.stripes.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=mfI2znxEbTRPV2xqbnRhTUZleVBRb1JDN0RSYXdhc1BpRzRKZHlscHNWZUgySUNON3o4b2ZEa2Nob0h3QzFCTzZuZHp4MDVpb25zZk0wUHV2a3QrejhzeFZrTEExekxiTlJrYzlCSnlNNEdxTVJwTGRNc1dldzc4MnM1T2...

345 B
606 B

53ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mfI2znxEbTRPV2xqbnRhTUZleVBRb1JDN0RSYXdhc1BpRzRKZHlscHNWZUgySUNON3o4b2ZEa2Nob0h3QzFCTzZuZHp4MDVpb25zZk0wUHV2a3QrejhzeFZrTEExekxiTlJrYzlCSnlNNEdxTVJwTGRNc1dldzc4MnM1T2oxSVJsSDdVOVltV1pieWNBZVBSREpBaS9kZjRiMWNtY1RnQytMY0dlWkJLZ3E0V3R4Tk5oU2ZqVGY4d3Bzdk1OMGNtb2ErazZVL2tqMzc0cDhic1UrcVhSKzlpYjhiYzc1TVBicnI1NjlyTXdjQUs2THlrenhWSEs3M25ZeVhZL3JXUGxKV0o4fA&cppv=2

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

12e0e408d6cec5d5bfebec26fc6a20d3d3e1574a1673ce67a244fe6894cf51bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 07 Dec 2021 13:11:22 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2178
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 07 Dec 2021 13:11:23 GMT
location: https://mug.criteo.com/sid?cpp=mfI2znxEbTRPV2xqbnRhTUZleVBRb1JDN0RSYXdhc1BpRzRKZHlscHNWZUgySUNON3o4b2ZEa2Nob0h3QzFCTzZuZHp4MDVpb25zZk0wUHV2a3QrejhzeFZrTEExekxiTlJrYzlCSnlNNEdxTVJwTGRNc1dldzc4MnM1T2oxSVJsSDdVOVltV1pieWNBZVBSREpBaS9kZjRiMWNtY1RnQytMY0dlWkJLZ3E0V3R4Tk5oU2ZqVGY4d3Bzdk1OMGNtb2ErazZVL2tqMzc0cDhic1UrcVhSKzlpYjhiYzc1TVBicnI1NjlyTXdjQUs2THlrenhWSEs3M25ZeVhZL3JXUGxKV0o4fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1898
content-length: 509
expires: 0

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
266 B 113ms
34ms Fetch
text/html 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=166574

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:23 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 109ms
30ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-239-78.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:23 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 12ms
12ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 07 Dec 2021 13:11:23 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 09BD 47 KB
48 KB 44ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.stripes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 344710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:26:13 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1194 232 B
447 B 141ms
117ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f201a66339788a3d1ef19a64f43fe3937e22ee5b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.stripes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 13:11:23 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 27e46c94146eda0baf5557f98494ac541ff1b9bbacc4c1b32326d532ada7ecdb
content-length: 166

GET
H2 200 rss_banner.jpg
vd.trinitymedia.ai/cms/1202/image/audio/c5a582e8f66e3b04559f8767fe1ffeceb2a54656b06172e71f80e9855ee58e54/ Frame C54D 101 KB
101 KB 65ms
20ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vd.trinitymedia.ai/cms/1202/image/audio/c5a582e8f66e3b04559f8767fe1ffeceb2a54656b06172e71f80e9855ee58e54/rss_banner.jpg?ts=1638790086000
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: a00389c7a6b84dfdd76dace7ad7de6af4e57fc3dcb7a3a9ae49ebcab27486c6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
last-modified: Mon, 06 Dec 2021 11:28:05 GMT
server: AmazonS3
x-amz-request-id: SR4308BSAHJG112A
etag: "f4528201030bd731fcd43f154774c896"
x-hw: 1638882683.dop201.ml1.t,1638882683.cds202.ml1.hn,1638882683.cds223.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=76393
accept-ranges: bytes
content-length: 103499
x-amz-id-2: l/mxsIHVGQpGz/trEGHdMOXt34hn96UGdqmNLGf6OR7yUz+1btE6by84mVLmsrp4W52VIblCspk=

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 102ms
102ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 1F1A 250 B
487 B 474ms
139ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 3a89c40879918408b90c17560df0580a86a247e34e63da3475464d2e2294924d

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 190

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame 1F1A 168 B
347 B 311ms
97ms XHR
application/xml 146.20.128.163
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=774&height=435&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=91.199.118.73&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&contentid=%5Bcontent_id%5D&contenttitle=Marines%20put%20minimalistic%20command%20concept%20to%20work%20in%20Japan&contentlength=171&contenturl=%5Bcontent_url%5D&rnd=9d9c2cf0-e0d8-48f6-8078-9ff281db7642
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.163 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 111ms
111ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:22 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 33 KB
33 KB 10ms
9ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=774:435,smart&width=774&height=435&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3d644c93265abc15185cf5accc1ce3a9f111642674bee3eef1fed1374ea3b127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 1669441
etag: "7V0hB8fmaHKF2+v21vNKG6QPJBPFRgxSYXIIbaK+jeA"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=34063 odim=720x405 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 33628

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 29 KB
29 KB 14ms
13ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=950:435,smart&width=950&height=435&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 84643b7ec7363a7ac96daf9ae8a186ef3051abdcd320c79d07e5741115a0138c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 1669442
etag: "K1l6YyAiMwWAAH4nYudGQ7pek84iEmPDkkmjileCeL4"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=29478 odim=720x330 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29050

GET
H2 200 1_th.jpg
img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/ 4 KB
4 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/643b8ec3-5236-4828-bd73-06d0fd1d472b/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3d78ae222f2cdf9c08f1ee05ebca73903c7bf21cb21e45a76dbfc9ce830474a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 1669441
etag: "B/WegXjEdqWIQo2IdAnSNjI+erwOE7TpxCs/Cx6Mqmw"
access-control-max-age: 86400
fastly-io-info: ifsz=84536 idim=720x406 ifmt=jpeg ofsz=3835 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3401

GET
H2 200 1_th.jpg
img.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/ 4 KB
3 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/0f57d190-8a25-4c8b-9fa1-3aa036ee8d1f/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 555818d8877676d953f04b982d8d9394c886b824332642a15473480f3baf5a8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 2341504
etag: "WPUP4EGguU9ULPU+jncZ/NhYATIGQD9bfJyklI2QdWU"
access-control-max-age: 86400
fastly-io-info: ifsz=69377 idim=720x406 ifmt=jpeg ofsz=3597 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3189

GET
H2 200 1_th.jpg
img.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/ 2 KB
2 KB 23ms
23ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/6eb8df96-3f25-40ae-90e7-62ff94a02082/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8eae99f8d3991899f01edc638dee12b8d9d2c8e9865bdb0c87b7562af18d071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 2344785
etag: "T/U5qZCTPAmLGnzHRQjxq0S6krQMXt7gl2uA+6MmqYU"
access-control-max-age: 86400
fastly-io-info: ifsz=42851 idim=720x406 ifmt=jpeg ofsz=2355 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1897

GET
H2 200 1_th.jpg
img.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/ 3 KB
3 KB 20ms
19ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/95c53a20-8a97-479b-8cb1-1fd0c7bf44f2/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34dc1dfc7400857ee8bb0abb46d0662735c6c4b26b91b88d076e7537e22504cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 2869069
etag: "U8zM2ju17E/3BYi81usYO8WinqaoOyR0w9MMeKTtOww"
access-control-max-age: 86400
fastly-io-info: ifsz=69533 idim=720x406 ifmt=jpeg ofsz=3078 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2636

GET
H2 200 1_th.jpg
img.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/ 3 KB
2 KB 19ms
19ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ef58ed3e-9870-4651-8887-2ab048b9d1f6/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af43ea4c564c18bf2c64d2c4aa030a083c82a68ad9a07ba5b3d9f74edd2262c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 2869055
etag: "iWuDKDST3Ti8E/S1W2HETgnIDGmVcj5bM3ZudiZSoMU"
access-control-max-age: 86400
fastly-io-info: ifsz=77519 idim=720x406 ifmt=jpeg ofsz=2759 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2323

GET
H2 200 1_th.jpg
img.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/ 3 KB
3 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3daef27f-76b1-4715-aaf8-bc54d610252c/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b581d1bdfa05cb424c99f7d8c429c40c1260969e39fde3b222d449b8eef5ce2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 1666167
etag: "ZeFSGsQlxTwoz0qBo8hiuzfTmloxdBwXG9aotIrjmZk"
access-control-max-age: 86400
fastly-io-info: ifsz=123615 idim=720x406 ifmt=jpeg ofsz=3248 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2821

GET
H2 200 1_th.jpg
img.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/ 2 KB
2 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ca313ade-13d6-40eb-8d1d-34f532916d3d/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0cea5263a3b6819b999123c15a2416b808c1c34d24435cb19c7fba696cf4a3c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 1234757
etag: "5EqEXwsEqxZbPq01WeQqLKu/GVS553lI+wLABKy/8Lc"
access-control-max-age: 86400
fastly-io-info: ifsz=32943 idim=720x406 ifmt=jpeg ofsz=2334 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1884

GET
H2 200 1_th.jpg
img.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/ 3 KB
3 KB 8ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/6c584167-2682-401d-8d1a-4f7361e59d7b/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c65b00e5d831ccbe1bf42e38e82c3b193a35cdfab03f6471c1e8e68cd12a3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 2273762
etag: "cUAI6dPxSuFlj/a1TDRioxjRmcA2gr4gcD6MzGfaGAk"
access-control-max-age: 86400
fastly-io-info: ifsz=46591 idim=720x406 ifmt=jpeg ofsz=2973 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2504

GET
H2 200 1_th.jpg
img.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/ 4 KB
4 KB 7ms
7ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/ce00a211-a406-46b8-9dcb-7a5991d84cdf/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45b60c9ae048b78a11d296a37e770b2748a26c5c00e0cea78607964758f50fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 3475731
etag: "uZ5oa44givO2FgmyLNehnG8ULjRsgh8MnkA+1C5XAkE"
access-control-max-age: 86400
fastly-io-info: ifsz=140594 idim=720x406 ifmt=jpeg ofsz=4159 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3724

GET
H2 200 1_th.jpg
img.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/ 4 KB
4 KB 8ms
8ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/cf26b689-f16d-4713-aa41-4d9cde7cbae8/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b214dd816be55213fb9ebacc212f8850dfb4c5515bba44aaec5823e58a68f2d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
age: 1150036
etag: "JPOcaNbaTb0PgX2DmWgZSp5pbbFFBq4ospLM2EZx8KE"
access-control-max-age: 86400
fastly-io-info: ifsz=93995 idim=720x406 ifmt=jpeg ofsz=4277 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3874

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1438699464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&ul=en-us&de=UTF-8&dt=Report%20says%20Russian%20hackers%20haven%E2%80%99t%20eased%20spying%20efforts%20%7C%20Stars%20and%20Stripes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2043369312&gjid=1117703774&cid=1111837929.1638882683&tid=UA-714126-1&_gid=514063730.1638882683&_r=1&gtm=2ouc10&z=364607124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forbes-484fef5e39bd1f12260ad07d5cc3499d.js Show response
vd.trinitymedia.ai/trinity-player/buttons/ Frame 176A 3 KB
1 KB 21ms
21ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/buttons/forbes-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=4e3293f1-f97f-48aa-bdc7-153301b03b3c&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: f8e49947d3547dba3e5bf18c2cefcc2dda7ff5f714e52f398b97d84887d1c586

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 16:20:22 GMT
server: AmazonS3
x-amz-request-id: E1PPNNEG2GTCYVAQ
etag: "36fd63d78ee11a3ae1d71d8cacae4b0a"
x-hw: 1638882683.dop019.ml1.t,1638882683.cds202.ml1.hn,1638882683.cds207.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4263
accept-ranges: bytes
content-length: 840
x-amz-id-2: PzhKztD+/f8Mh9V19eX42HgrIqotmVqLynbYuR/72QV2advQEdKLOl5OTC9njEFzqLL8tmTG7jk=

GET
H2 200 trinity-player.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/ Frame 176A 1 MB
180 KB 38ms
38ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&GDPR=%24%24GDPR_MACRO%24%24&GDPR_CONSENT=%24%24GDPR_CONSENT_MACRO%24%24&unitId=2900001605&userId=4e3293f1-f97f-48aa-bdc7-153301b03b3c&isLegacyBrowser=false&version=20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99&useCFCDN=0&themeId=267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: eb542e09f2d9f06b3dd88bc530c3178861172de5a32b8163e325dcfbfe8cb38a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 10:13:15 GMT
server: AmazonS3
x-amz-request-id: 9C72ZW25F5XAR2A8
etag: "76fd92e38b97b648b3a92c6b7465877c"
x-hw: 1638882683.dop201.ml1.t,1638882683.cds202.ml1.hn,1638882683.cds210.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 184356
x-amz-id-2: F/yehzKoQp1vYC9YiBxWGdUBqRG1htSBQzkHkZCV1eGhRRq6Te9bmY7QuyJ1Qg7IpsOeL92geIA=

GET
H2 200 track
t.teads.tv/ 23 B
113 B 187ms
134ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=45bf488a-eef7-442e-9ad8-81e49b76fd7c&pageId=0&pid=48484&debug_metadata=6mlnehwVNq&fv=923&ts=1638882683249&f=1&referer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 104ms
51ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=45bf488a-eef7-442e-9ad8-81e49b76fd7c&pageId=0&pid=48484&slot=native&fv=923&ts=1638882683255&f=1&referer=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/0/ 534 B
568 B 184ms
133ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/0/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&page=%7B%22id%22%3A0%2C%22placements%22%3A%5B%7B%22id%22%3A48484%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A950%2C%22height%22%3A534%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=45bf488a-eef7-442e-9ad8-81e49b76fd7c&formatVersion=923&env=js-web&netBw=9.4&ttfb=116
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js?202112713
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf9d599e3d464982f7391d7d522371ff79896920ff8b2641491a9455027f0674

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 361
expires: Tue, 07 Dec 2021 13:11:23 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 62ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1036
date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
440 B 48ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-714126-1&cid=1111837929.1638882683&jid=2043369312&gjid=1117703774&_gid=514063730.1638882683&_u=YADAAUAAAAAAAC~&z=88889980

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 13:11:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 24ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9675
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48715
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 98ms
97ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5721249&ntv_pl=839427
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 98ms
98ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=691c80a1-d852-4e27-bb35-33baa3bed660&ntv_fl=CF4se3gYGjAPzQcMJoAeWdJoB6c_a_3asVk8NKJcWF2OIuZPG4Nz6V2epAaF8TVt_tfVhVnhjzfurUEgUpx12SNX3kFlv8yCit_VzwKUuIkmCLTLpwJ-QoiKSHFF72TuKYWiJuSx2s5jJiAdJ8eYQAXFbyfEJX5ctSypx4cb0rQFigdy1JsO9yj8RVHKzw3b7D9y0kYd2ZRtCnemnDhVdovYhbp0cZCw6xFI3njcU-Vk0yQp4WI3UfjKXD0Q7n6CPRCqDH3IQVCH3oiYah8KhjK3SuhkYZcl5tzieM0hmhQlagRNh2POi-eEIfPdJWob&ntv_ht=e12vYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAA88MA&ord=1638882683287&ntv_dpl=1009,1011,1028,1050,1007&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 97ms
97ms Image
image/gif 18.209.200.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=839427&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.200.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-200-15.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 0863 9 KB
3 KB 10ms
10ms Stylesheet
text/css 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 32
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: JzDQyBiYPL0US5L7TKEqmWHaLcO39AyFMpLt14V1x2Ehk0Jw72UOFg==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame 0863 1005 B
938 B 20ms
7ms Stylesheet
text/css 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 10
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: V1s6psBVfqOJED8MnyXNpN8as86ikke36c61LRyNFlEn0HOxNUswPg==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame CFAF 9 KB
3 KB 22ms
7ms Stylesheet
text/css 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 46
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: P5pgJBYPv1ar1hyoH-ytt04DpX4Iou8knhXMSFix-Mpc7t0WnbM-3Q==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ Frame CFAF 1 KB
959 B 23ms
7ms Stylesheet
text/css 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:10:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:51 GMT
Server: AmazonS3
Age: 36
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: hsJpLvCL7G7x_R7ic9xYhlOKfnGAOh6Wlzh1Jmd41cE-Ra2Gd71_TQ==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/ 3 KB
1 KB 23ms
7ms Stylesheet
text/css 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/56e7ecd72519300e38d4c8e42744c00035f2bf09/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/56e7ecd72519300e38d4c8e42744c00035f2bf09/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 May 2020 15:07:52 GMT
Server: AmazonS3
Age: 22
ETag: W/"4cb20646e6160144096c6e61f322a18b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: TLxX0s61Lf51GfFGcKqNEG-M95HRqPJ4zHlbQWCR4fo8iOwmzDAFTA==

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 116A 595 KB
193 KB 24ms
7ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 336330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1F1A 44 KB
17 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 13:11:23 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F7F9 595 KB
193 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 336330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FD56 595 KB
193 KB 14ms
14ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 336330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 29 KB
12 KB 101ms
99ms Fetch
text/html 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=166574&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&icr_url=&va=0&time=1638882683408&up=pc&bn=chrome&bv=96&widget_width=950&style_id=0&idhub[pubcid]=8940c637-347e-414c-955b-3a4750a7e6cd

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

bdb6dd8465fd5560ef645c52f66d55c4a37eced99a342be814b9e473564e47e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 11980

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/membership/v1/ 627 KB
132 KB 15ms
15ms Script
text/javascript 2600:9000:223c:4a00:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/membership/v1/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4a00:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bba83db30e7719c593bb4546227f24de4a2532f42e90be0b7a8175987e4c92b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 06:32:56 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 07:35:41 GMT
server: AmazonS3
age: 24143
etag: "d62f0d2ae878bebdf3811f4b656f6426"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 134472
x-amz-cf-id: 6XCZZ5ziNsI1jI4aV9M_OqlaPjUEiEt58PITDkhEu2ZDBDc6dlxY-g==

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0D6E 37 KB
13 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1EE0 37 KB
13 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:53 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3BDA 37 KB
13 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:53 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 51ms
30ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-714126-1&cid=1111837929.1638882683&jid=2043369312&_u=YADAAUAAAAAAAC~&z=2093806453

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 144 B
693 B 143ms
117ms Script
application/javascript 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&jsonp=_ate.cbs.rcb_j8fd0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

b823703c1c406ba9194770537d6508f5883557ca0451ca4bbfc53bbed374cb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ratelimit-used: 1
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 144
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 13:11:23 GMT
x-ratelimit-remaining: 299
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 517
accept-ranges: bytes
expires: -1

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
309 B 215ms
207ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
last-modified: Tue, 07 Dec 2021 13:00:00 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 13:11:23 GMT
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 148 B
355 B 129ms
105ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&callback=window._ate.cbs.rcb_2wi40

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69a88a33fdea90a38d7828fdbb0c8f0ac76482ac46e6d972aad595cfab379fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 1286722207391955
expires: Tue, 07 Dec 2021 13:26:23 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
336 B 230ms
221ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&callback=_ate.cbs.rcb_6j780

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

d8c0f8670d4b8ae17e7b6445a625277bf99bd73f0a3c659526b6bf7ffa64f2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
last-modified: Tue, 07 Dec 2021 13:11:23 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 13:11:23 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 info.json Show response
www.reddit.com/api/ 144 B
261 B 124ms
122ms Script
application/javascript 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&jsonp=_ate.cbs.rcb_1q5h0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

5b449bb3cc11943da514b524c226336a8589f6526f9fa7face87e91a4b4d34fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ratelimit-used: 2
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 144
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Tue, 07 Dec 2021 13:11:23 GMT
x-ratelimit-remaining: 298
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 517
accept-ranges: bytes
expires: -1

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 147 B
210 B 98ms
97ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&callback=window._ate.cbs.rcb_3s3q0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b4dbf5d904ef13252152a0f974a51fc4f89255095a326355797cb2b23c556aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 0
accept-ranges: none
x-pinterest-rid: 1764824785883025
expires: Tue, 07 Dec 2021 13:26:23 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
336 B 253ms
253ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&callback=_ate.cbs.rcb_98950

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

4626dccb8747ff64346699e33c67adb5e1b21fbe94f82c7d51e03ada3a183c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
last-modified: Tue, 07 Dec 2021 13:11:23 GMT
server: nginx/1.15.8
date: Tue, 07 Dec 2021 13:11:23 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 105 KB
33 KB 11ms
11ms Script
application/javascript 2600:9000:2251:b000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: GT7I8D0R3oQufoOiLgwsbuUzlEWb3JHV
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:49 GMT
server: AmazonS3
age: 61515
etag: W/"2f50e5f43fca3ba6efc6a53a514d50c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 23:58:50 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: q0bM8NKbQUPoaC6jP3oXe5gMZW00P9zeUTyLjrGDLgQULz2uR8mWJg==

GET
H3 200 css2
fonts.googleapis.com/ Frame 176A 2 KB
465 B 31ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 13:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 13:11:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 13:11:23 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 176A 0
0 8ms
8ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame 176A 0
0 8ms
8ms Fetch 35.158.176.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20211207_9d9f35408b4c2537615980615b68f5a7a0a5ab99/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.176.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-176-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 9675 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
278 B 249ms
248ms Script
binary/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9675?t=2021117132
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: FjSvw5gpV1ga4XL5w9Q1irC22SZmK1lo
last-modified: Sat, 09 Oct 2021 05:01:54 GMT
server: AmazonS3
x-amz-request-id: TJJDGXNBGVWHWRXK
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 13:11:23 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: OuIQM2iQaYDwG7BXb2a1WEBW3meZfzEthPviPbdCahJ3GbuIXMTpXA89Auw3TOdDB27oTQWDkhI=

GET
H2 200 / Show response
js.stripe.com/v3/ 268 KB
71 KB 149ms
44ms Script
application/javascript 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-117.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

219d55b0a442e35619d798a9cb86c13c8d266a52b7d57da0454b9fcaff4ba0a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
x-cache: Hit from cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 21:25:34 GMT
server: Cloudfront
etag: W/"90914ce6d55cc2e7701a38757435fe8c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P5
timing-allow-origin: *
x-amz-cf-id: YMgvtZ1XSHNVDDUtSukqdEkmOq9q_sZXOXc2D12S0FQ8YMUBsndOqg==

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 13:30:09 GMT

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame 1F1A 168 B
346 B 115ms
115ms XHR
application/xml 146.20.128.163
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=774&height=435&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=91.199.118.73&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&contentid=%5Bcontent_id%5D&contenttitle=Marines%20put%20minimalistic%20command%20concept%20to%20work%20in%20Japan&contentlength=171&contenturl=%5Bcontent_url%5D&rnd=422fb123-647b-4344-8a30-9473fdb69469
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.163 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 135ms
36ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:23 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 42 KB
12 KB 30ms
30ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AET7GCP0P9R0EK0M
etag: "c752e29512ede679e40d7b08481f87f5"
x-hw: 1638882683.cds016.ml1.hn,1638882683.cds029.ml1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 11866
x-amz-id-2: iPDEOgq/I4+n1rxY885yD2LpmCbIsGLIyldKC2fvEhv8jaVzF/nLt2Ul3y/Vlm9tbr9T4HsyDL8=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 16 KB
6 KB 32ms
32ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e5d4a249423ce6b1d1f789ebf8c5f52ae355415bdea128b80ed0d000b472c1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:45 GMT
server: AmazonS3
x-amz-request-id: AET6YDJVR1FE7D3D
etag: "b1e06faa922f856668877f1429abca7a"
x-hw: 1638882683.cds016.ml1.hn,1638882683.cds011.ml1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6205
x-amz-id-2: NzV4hAyZ5ZSqCAIiwKokDb4QYM7ZdSdX3HFuIeKjUZYNoEmm4FZUEb/c1KIqmNNQxyu7odZG+gQ=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 32ms
32ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AETFRMD8F38YEAN9
etag: "77359485ce587b0f07cbe070fcc63578"
x-hw: 1638882683.cds016.ml1.hn,1638882683.cds004.ml1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1641
x-amz-id-2: FgDs+l8673eLBvuN+lhshbNXQmiDQVrDAg8PKZ+ceGXuMIi5XWTROHACPLKpz9gXL36oW3qggZk=

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 65ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.stripes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 67ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.stripes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 213 KB
33 KB 101ms
101ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=322604460578481&correlator=2724038267305520&output=ldjh&impl=fifs&eid=31063754%2C31062930&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=267968996%2CStripes_BigBoard1%2CStripes_BigBoard2%2CStripes_BigBoard3%2CStripes_BigBoard4%2CStripes_Leaderboard1%2CStripes_Leaderboard2%2CStripes_Article1%2CStripes_Mobileleaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C950x153%2C728x90%7C950x153%2C300x250%2C320x50&prev_scp=sitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe%7Csitepage%3Dstripes-europe&cookie_enabled=1&bc=31&abxe=1&lmt=1638827046&dt=1638882683876&dlt=1638882681995&idt=1855&frm=20&biw=1600&bih=1200&oid=2&adxs=1145%2C-9%2C1145%2C1145%2C436%2C-9%2C460%2C-9&adys=551%2C-9%2C1676%2C1738%2C0%2C-9%2C2792%2C-9&adks=375948347%2C776567965%2C91974798%2C2250346662%2C1986035644%2C3310605779%2C2234984028%2C3821501628&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0%7C0x-1%7C300x0%7C300x0%7C1600x90%7C0x-1%7C909x0%7C0x-1&msz=300x0%7C0x-1%7C300x0%7C300x0%7C728x90%7C0x-1%7C300x0%7C0x-1&ga_vid=1111837929.1638882683&ga_sid=1638882684&ga_hid=1438699464&ga_fc=true&fws=4%2C2%2C4%2C4%2C4%2C2%2C4%2C2&ohw=1600%2C0%2C1600%2C1600%2C1600%2C0%2C950%2C0&btvi=0%7C-1%7C1%7C2%7C0%7C-1%7C3%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e6ce5197db5123b87ba8a4fc98c52f1eea1067ff626f1632ef7eafbf8222a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33514
x-xss-protection: 0
google-lineitem-id: 5807947855,5835259361,5796972437,5796972437,5806742154,4373423010,5362474790,5437597430
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369114861,138371269602,138364920380,138364920377,138369075731,138224497700,138310982515,138318881194
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6621 6 KB
4 KB 73ms
16ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 13:11:23 GMT
expires: Wed, 07 Dec 2022 13:11:23 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame 1F1A 168 B
346 B 100ms
99ms XHR
application/xml 146.20.128.163
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=774&height=435&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=91.199.118.73&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&contentid=%5Bcontent_id%5D&contenttitle=Marines%20put%20minimalistic%20command%20concept%20to%20work%20in%20Japan&contentlength=171&contenturl=%5Bcontent_url%5D&rnd=ef9838d0-56c4-4007-aa71-8e1244d56ff7
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.163 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 341ms
31ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
last-modified: Mon, 06 Dec 2021 15:29:40 GMT
etag: "1638804580"
x-hw: 1638882684.cds002.ml1.hn,1638882684.cds215.ml1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=27993
accept-ranges: bytes
content-length: 4298

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/ Frame 0
0 158ms
158ms Preflight 2600:9000:223e:a00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&eu=&country=GB&hour=13&amp=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 e37b7824685046c107e13d08c43993fd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: -YizWZiBpIo0_LumXQQ7fNAaYyxC3ozlpcEOVDs4eLf_TJ-CwJdwDw==

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/a061a13b-410d-4c16-a77a-13198232388c/1/desktop/generate/ 1 KB
2 KB 160ms
159ms XHR
text/plain 2600:9000:223e:a00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e03d8a32efb91836728a13084ae4ee78473f966d254bcf5d21a9dbd58aa54f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P4
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.stripes.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 e37b7824685046c107e13d08c43993fd.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: OcX0hwgvpMGxx5M_1NKA6MiSt-0kyMBbc8loPZvXtoQ2Zd4XxZwM6g==

GET
H3 200 container.html Show response
ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20E1 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 13:11:23 GMT
expires: Wed, 07 Dec 2022 13:11:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F7F9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 512ms
179ms Ping
text/plain 44.237.19.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.19.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-19-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT

GET
H2 200 2feaf37ae2ea09a7a5c60f907ec6e76e.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 94ms
30ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/2feaf37ae2ea09a7a5c60f907ec6e76e.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c0346b42f60e2810e08ab51f2d507c4a1e5347a756c1bcf0c7432524bfd0d829

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:14 GMT
server: Cloudinary
etag: "0ba418b5af2da1fb2fdd6c74581fc59d"
strict-transport-security: max-age=604800
x-hw: 1638882684.cds018.ml1.hn,1638882684.cds026.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-11-11T18:00:25.723Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 10822

GET
H2 200 ff27af5a5930935680a4c10289ad39e5.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 103ms
43ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ff27af5a5930935680a4c10289ad39e5.jpeg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:08 GMT
server: Cloudinary
etag: "313c72d28a2cf468da14109e09e946f1"
strict-transport-security: max-age=604800
x-hw: 1638882684.cds018.ml1.hn,1638882684.cds007.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=198;cpu=0;start=2021-11-12T05:14:01.108Z;desc=miss,rtt;dur=0,cloudinary;dur=96;start=2021-11-12T05:14:01.161Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 12067

GET
H2 200 68e4db568296e2149cd9335740792bc9.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 107ms
48ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/68e4db568296e2149cd9335740792bc9.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

788aadc7cd7dcb8015b608986e7855f5f5b3251b108ed9f9eba5ff41eb6ca767

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:32 GMT
server: Cloudinary
etag: "f79107192e236b97f60c0b7b5e297d79"
strict-transport-security: max-age=604800
x-hw: 1638882684.cds018.ml1.hn,1638882684.cds017.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=420;cpu=0;start=2021-11-12T16:37:38.209Z;desc=miss,rtt;dur=0,cloudinary;dur=43;start=2021-11-12T16:37:38.537Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 12323

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/ 10 KB
10 KB 99ms
43ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 08:29:21 GMT
server: Cloudinary
etag: "e8f0421a490582a00d4f9e4ddc5cd3c9"
strict-transport-security: max-age=604800
x-hw: 1638882684.cds018.ml1.hn,1638882684.cds009.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=201;cpu=0;start=2021-12-03T12:07:23.575Z;desc=miss,rtt;dur=1,cloudinary;dur=102;start=2021-12-03T12:07:23.626Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 9850

GET
H2 200 61ab85f1edffa3-87867379.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 87ms
33ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61ab85f1edffa3-87867379.png

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

82efcbedf38ab3e14509e9fd78267e876d4b9b0c3bc355e5f2ec7676cd570738

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
cache-tag: 492511502234514150398750044346674752745,208465888222277207238788418211507912633,578c3b63e33b327d463a78e9f3c3e28a
server-timing: fastly;dur=1;cpu=0;start=2021-12-07T01:13:32.481Z;desc=hit,rtt;dur=0
content-length: 9213
last-modified: Tue, 07 Dec 2021 01:03:46 GMT
server: Cloudinary
etag: "fd9cba5ed4ac27a0b57ac593e4ec75fd"
strict-transport-security: max-age=604800
x-hw: 1638882684.cds018.ml1.hn,1638882684.cds024.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2a141d6b6fd93859babd0227ca30d248.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 85ms
33ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/2a141d6b6fd93859babd0227ca30d248.jpg

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

13fe1f6b84ca309a854ef287a4954807afad92d40af592c40eea81501ee54a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:15 GMT
server: Cloudinary
etag: "12c7e1576d7825c4c375d4086e9c0d53"
strict-transport-security: max-age=604800
x-hw: 1638882684.cds018.ml1.hn,1638882684.cds217.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=157;cpu=0;start=2021-11-12T16:34:09.674Z;desc=miss,rtt;dur=0,cloudinary;dur=58;start=2021-11-12T16:34:09.724Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 8177

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F9 0
20 B 57ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.490.0&id=ima_html5&c=1676481652000077&domain=www.stripes.com

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C134 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 13:11:23 GMT
expires: Wed, 07 Dec 2022 13:11:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58C9 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 13:11:23 GMT
expires: Wed, 07 Dec 2022 13:11:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A669 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 13:11:23 GMT
expires: Wed, 07 Dec 2022 13:11:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C193 0
0 46ms
45ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth4d0ImPXgZNNzQVVktHvFH8mWP3_CdGOXAD2l48no80Gx8StyxLhn3oVVxw60EpkVFmXib-s9nUmEl0Y5Ut1cPehfvnTlZEYfkyXAhgn5xhWDgW_dpwoNRpuJqHMaSPR7DS75gdCsl7ApEPyvBCCoA_ae7mQR4fJ8t5cqKm_ISZTSLkuMazE1y5k9cCF1kToxDRQARhegSb9q3e9MkTY9eg-l0qfQKV_oZCHsjo9T7ASZeD5XIgC-p5lRg8sgW1tFCQRr4iqWI5G7TmCCBNrTkWNhlMOM2fnVBKEHZ3KGYls0yXx3lRVAcElP2SU&sig=Cg0ArKJSzDp5A7B2Am6VEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame C193 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7857
x-xss-protection: 0
server: cafe
etag: 2255741555227857113
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 13:09:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame C193 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:42:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C193 119 KB
36 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 13674347863958993584
tpc.googlesyndication.com/simgad/ Frame C193 86 KB
86 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13674347863958993584

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc12abf1994f114076a7cf6f31e8bde918411918b5c5012feec44a51c8f8a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 16:16:42 GMT
x-content-type-options: nosniff
age: 507282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87837
x-xss-protection: 0
last-modified: Mon, 04 May 2020 16:23:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 16:16:42 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 35ms
34ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:24 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 35ms
34ms Fetch 52.31.239.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.239.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-239-78.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:24 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 20E1 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 20E1 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20E1 119 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C134 22 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C134 9 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C134 119 KB
36 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 58C9 22 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 58C9 9 KB
4 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58C9 119 KB
36 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A669 22 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 16:15:06 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A669 9 KB
4 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:45:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A669 119 KB
36 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C193 0
0 67ms
49ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_aoyDCLkFr06U4q2TizlZZa3NLE-pZ3PkKSVSIIMRNTJt5o3BJdao0KJyl-9B4ZSjeFn-u9kqiOijqE2yR8zpM6EXnuUcPId19CTkA61aK0GjLYRHzK9U6X_X52SWdkzYn3_-xuEu1JSyShR00MXNEkgdlxBT7d2kqO4tjeGQknxBzew1kJE6zKO2aUuWV6M4t1eaxzPYBRrJ2462rX59ByPYNBet_m1Z6azttHnqazDO9mADl7PllxjEsZcROs_w6y9eof1wDACwbVvLkX436s84fpEuho2R2s3_aN9IOuz2PN7n_fgPmxvrKtn0rA&sig=Cg0ArKJSzHkCY5VdNVexEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
DATA 200
OK truncated
/ Frame C193 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc201502f62f6c6ccdb2fd3a50ac49cd874555166d3468f93024c100f8d3ae86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2.video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 28 KB
9 KB 10ms
10ms Script
application/javascript 2600:9000:2251:b000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/2.video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1482386e18d9fcf975374afc941b1474ce955d3c54c37e97a9c01d284b68ec9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: C8e.94spR.LU5zvFu.810RzSIRIDBnlc
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 08:42:48 GMT
server: AmazonS3
age: 54529
etag: W/"4337db5cb8f33c4840726c6a7829656a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 22:02:36 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: uPM2o3lcq3lfX2ytK6w_Tp2pCFsoVrD4ecXAIBTosxNjveSD-XhoZQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20E1 0
0 48ms
48ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQlGCmmhM05BgPi-Q0EHRVJ1ibBv-rJaaUxsccmE0F8ZA6ReRUAAonkA05ula-b9lVmSRJ4gJVpCbQvTP5-vpIW3GCka-HF49EYjTNYN-sD9fCMucIRNvQ9ipmko5sY5eE-u3SqX7lSIFpwuTfIVW9Ss33ymIpVFtoLXcsIyVEX1ploZfTkh3xSgLYlXECXGHhwFE3YZS9c28NVqfW_E8ZsjEb-y50kQkCZ_XtY5zTgO3xjO3cwRFNJCwSBkyYnENkHPvgY86lXfoPkh4Kjue9OZYMDR3SCnMMpX4ecTnlP9QtPPn0sukbjDNNRFRh_329&sig=Cg0ArKJSzLXLiNAqK5CkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 20E1 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 15:45:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C134 0
0 45ms
45ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurPBfPIh7FdNRLaTFjOIzSLdPAf8YgwHxt_5QWFVQd4xhLy9Oz3WAxw234UaNftGjkoAF4FN8q7j05nKk7B1DqPFqW2jlQC9twkwlZ3HXJsIo8eWHhs0ZLFleDLEJy9ZHtAjlTy1ffawYbcK1v6lh8ox4DG634Hgdb9-NwtwScalINsS0j87LQs0IKQvgqRlL3pUWfP9sh2kmxLv47QQs7EE_UyF60AcN_K-tgLmJ2tiaX3YfAJmn2ZJAXajPiyd5Ks_PSILP70upTefhmr41rKFUp0AXVEWTHlHjyS26UtUK6ig_oZMmu1XYs-k-F5_2U&sig=Cg0ArKJSzONjAMqWybXFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame C134 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 15:45:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58C9 0
0 45ms
45ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYo4EEIglYrSwf4CFG0DpINTKjL_1a0EhVTAp_x2YWgtRiQi_FDE2kCu3OE1vmlLzpL45PzFp67Sgz1gbcIz-wFCvd6joPiwPPo4wkrlEMfWfg-7kosF7qWHmNIbUgBKm-TxEXEzmZ9HXRRfTmnMEfXisr7ISXvAcdPtIN_YV24u88Y67ogU9isi_pMTZxqGyWlhW3QlWXqSMxYgaSzjYMUd7mR8RUdklZTS-JLB5WTjfqWnNxmpzDLIkjaEZRG8Qzc8m_Yg3bHQm8wpQWrelaDmdRUY-HqGQfLXzRZXGiU3qX6MkxShL16th0dLYz-6WB&sig=Cg0ArKJSzEKGE72CQS8sEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 58C9 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 15:45:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A669 0
0 45ms
45ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6ormXRN0SVIMBvPTooR_vggZTdVTRgVNr-pzBAi2InbeHEkzmEyiFamOO7DuHz-iHl4nkQtZ66Ng9Kc740o0TwI7vb2kkwjay7HVJjc-VnI7uLYCz9KIyE5Xm0bVHUy58B3C6pRZ-0NInIhk2F8yepntJ7Q27qFkcCn1M3cFlwRwpQoBMNukhle_n2SSzOWp8Y3Mip_CoczFSqBn8zeG8ojWAmHtkq4MdsyK5nNusVdlK5MzMkOCCIE9MoIVVgpzIgEEzalMlk42hBOGpdrNX0t8lb3i1Tr8XRY4Sv6dj3IhRwLae86te3-Gc7e3aLmk9GQ4d&sig=Cg0ArKJSzCTIECvXIdiGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame A669 41 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Dec 2022 15:45:48 GMT

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 54ms
15ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.video-loader2.1-cr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:24 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Tue, 07 Dec 2021 13:41:24 GMT

GET
H2 200 B26699562.318027000;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2291457577;ord=yv713t;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstiu_R5XlfzH0ZNwqqrXBPOxEIC... Show response
ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/ Frame 20E1 57 KB
23 KB 103ms
67ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318027000;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2291457577;ord=yv713t;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstiu_R5XlfzH0ZNwqqrXBPOxEICi7BavINOgXDa-v0Vicf4pay1q1oD7YatxWaXyzi1NMG69SWMfQZgx3UQWJ_LzbUlA5VoMfxP-je3hqDNEgCDbjHHtGXniAENjdM51lAVCavWBSbY6h4tSReleTmfVe6Y14xq4Ri4Dx9AAV6TW-p-_TSsVpm73uESjmZl_Ibdk0f65IECXO-WR1h3jpHKMXPu-LIIH05qrsg7hvliABo68WKhpdeJwPLYpYLhq4o1aw66l2Qd1Bl4wBuvuMmZH0akTf3SicX416qysm-y20M0yNG2TAWuM-Xe-cYu%26sig%3DCg0ArKJSzB1ZKFPuqGv6EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=59;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ce93b3a64826022a059b137e8f50a878f5dcded0d5af4e883fc6feb4d62cbf7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23968
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B10124636.264546103;dc_ver=81.236;sz=300x600;u_sd=1;dc_adk=3147127415;ord=d0s7xg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss_ktZWWD2_rU6TSSjwB1YU4XtJfKfNVEzVUXdyNnAz... Show response
ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/ Frame C134 41 KB
21 KB 67ms
38ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264546103;dc_ver=81.236;sz=300x600;u_sd=1;dc_adk=3147127415;ord=d0s7xg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss_ktZWWD2_rU6TSSjwB1YU4XtJfKfNVEzVUXdyNnAzWXf1eUDFfqsUvf7zlvtyhmzzKuk43CgpoUTb8DBiAoFZ6MWw3T5T-JcIjGTG-DURZIgkv3sIFiFbAqnhrWroVyYjIuyhCairYw6cxfAd89976zuypx2cBz7GXvMzcyaMjlV4GvjE09YLeAKB-WhoSn4u7l1_Z7qtxS3QH7oyHQ2UhpiV9v0Nw6bOkeztXTVBxHpqpE8z3Qg08ACF4xOIH1Yyhw9Yf4DZ4uBp_jm9XCSVxEBkuT2mXd_GqOzW7MO7n0C_osYNGMIVamG2RDer%26sig%3DCg0ArKJSzDs1p9E-ivVTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=56;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

567a147a21b26a9bff5cb8788c1ba174a117ba7b2df01eb070f5244df8207a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20794
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B26699562.318037607;dc_ver=81.236;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1307176738;ord=kve92t;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstJ72QnSWmGWOEngDXVgy0W_FH4t... Show response
ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/ Frame A669 57 KB
23 KB 80ms
53ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318037607;dc_ver=81.236;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1307176738;ord=kve92t;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstJ72QnSWmGWOEngDXVgy0W_FH4tzrUQZd_BDWjSzjdoVM3IXtF2Y_gO6xUxTVqACAAcH6GOSWjlYQdmiItVfzAtQ40Lq3A6sAq-m3nrpX4xqj6ADUmXixmdUiwTjeHd0WB8qdyxrvR3_vggs85TJomjomkm1OBd56RQPRxhogvul35TrdQWLwlbalvsphtT7jbxUuILqd6tHB0QvKupWCo0qwl63sunXKMAhAAtZ0wYrllb7IVM3lJHW7usTNYRGBu7-9xS_EC_8LGMkA9PkN3Gaz75rtour2_zCweQaIYG1tIeSGYEU6XHFeAvjv5Kkm1%26sig%3DCg0ArKJSzD_M3mgBuMauEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=53;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

c001b85563f7a75482f05747a96b7698950a51aece4c3e52dcddd2275a4368de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B10124636.264578310;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2189986252;ord=q0lxmf;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscxsHiQjOeW2zdxw_2pfLB5m6C... Show response
ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/ Frame 58C9 41 KB
20 KB 72ms
46ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264578310;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2189986252;ord=q0lxmf;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscxsHiQjOeW2zdxw_2pfLB5m6COGc41K-ulQSr-byOr9Y2u1h0fX4v0CBeSJYEazUn3GUc14k_EqVDNpzusCQZViWsVDOxbDlP_Aggt8NVP6xd4GoSDv0bZwlFBbbMNQDm6Bl81KVTO9NAabq5hTs2ttMJPAVt5YBJX1TLls06Qe12U-kHhxI95RRCT0I9kdeeQjtFlnr1ltvtiA337J0W30bkUmViI3A0jyHQu9brkWtmY436vcXjpYCzr9e6Z5pwyOnfw13gwEJH6dK87hBqTstQYPi7txAFbzDfksq3RR0UajKDnqJmAm6QGsrD%26sig%3DCg0ArKJSzNvkf2WJOrEmEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=57;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

0153c23b3503ea89e8fc34545e19d00b143c930080bf867e6f97b283ddacbeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20654
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avcplayer_2_73.js Show response
cdn.avantisvideo.com/js/ 266 KB
267 KB 9ms
9ms Script
application/javascript 2600:9000:2251:b000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b4455f80bbefc4ce584b3f9866d5510cc64f918c075d963320b84a99040235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: NuN.9nNuZfe8Z1lvjcJbDZ_PaEYTyneN
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5f.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 16:57:43 GMT
server: AmazonS3
age: 80444
etag: "df7a5e9e0c91119cb99942809c8453af"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 06 Dec 2021 14:50:41 GMT
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 272476
x-amz-cf-id: dzAr-WdZMkI4QgBpTsjv-kpafhNYi-Tc1NMmgGl_0b2NoZzE30NBrA==

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame C134 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264546103;dc_ver=81.236;sz=300x600;u_sd=1;dc_adk=3147127415;ord=d0s7xg;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss_ktZWWD2_rU6TSSjwB1YU4XtJfKfNVEzVUXdyNnAzWXf1eUDFfqsUvf7zlvtyhmzzKuk43CgpoUTb8DBiAoFZ6MWw3T5T-JcIjGTG-DURZIgkv3sIFiFbAqnhrWroVyYjIuyhCairYw6cxfAd89976zuypx2cBz7GXvMzcyaMjlV4GvjE09YLeAKB-WhoSn4u7l1_Z7qtxS3QH7oyHQ2UhpiV9v0Nw6bOkeztXTVBxHpqpE8z3Qg08ACF4xOIH1Yyhw9Yf4DZ4uBp_jm9XCSVxEBkuT2mXd_GqOzW7MO7n0C_osYNGMIVamG2RDer%26sig%3DCg0ArKJSzDs1p9E-ivVTEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=56;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 13:06:12 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C134 0
524 B 115ms
64ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4K1nX_UkRVpvyQrdV3DLGwJYAP9OliO_eyY5E-TvDvVtAog3j9C9ANwm6I1J6l6Bzo2shlrlgOkiKSXOO23hnvSelDfePbSRJLX99R1baKkEgZRpR22a1vPbn2CWfkh0Jcnsc5Ky6z1MDpR7ngdu-&sig=Cg0ArKJSzIn6vFiZgOD8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211201.13542&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C134 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
H3 200 RR_Heroes_B-300x600.jpg
s0.2mdn.net/3967255/ Frame C134 52 KB
52 KB 32ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3967255/RR_Heroes_B-300x600.jpg

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a83efe84bdfdeb0653959f607fea3ddce41f4265c73028cc8bfeb61125e1adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:21:22 GMT
x-content-type-options: nosniff
age: 6602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53324
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 14:47:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 11:21:22 GMT

GET
DATA 200
OK truncated
/ Frame C134 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6dc054a28708eb11029e0e0b59ddc34bd10271218d245285504b0e8ab661dae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A669 106 KB
37 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Origin: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:59:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame A669 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318037607;dc_ver=81.236;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=1307176738;ord=kve92t;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstJ72QnSWmGWOEngDXVgy0W_FH4tzrUQZd_BDWjSzjdoVM3IXtF2Y_gO6xUxTVqACAAcH6GOSWjlYQdmiItVfzAtQ40Lq3A6sAq-m3nrpX4xqj6ADUmXixmdUiwTjeHd0WB8qdyxrvR3_vggs85TJomjomkm1OBd56RQPRxhogvul35TrdQWLwlbalvsphtT7jbxUuILqd6tHB0QvKupWCo0qwl63sunXKMAhAAtZ0wYrllb7IVM3lJHW7usTNYRGBu7-9xS_EC_8LGMkA9PkN3Gaz75rtour2_zCweQaIYG1tIeSGYEU6XHFeAvjv5Kkm1%26sig%3DCg0ArKJSzD_M3mgBuMauEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=53;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 13:06:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A669 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
DATA 200
OK truncated
/ Frame A669 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89556695a6b9f47aa18b0394c334f2cc76751d675e101f9343d6e193a716bf22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ins.txt Show response
static.avantisvideo.com/data/ 5 KB
1 KB 16ms
16ms XHR
text/plain 2600:9000:223f:c600:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/ins.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=a061a13b-410d-4c16-a77a-13198232388c&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c600:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c5c079e730facbcbb0e099dae321c6dcaaa1076f51afa9899d7a745c13a0c8

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 06:37:37 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 08:57:16 GMT
server: AmazonS3
age: 23628
etag: W/"261a10093ee55fb7fde7cd260d7d9fcc"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: gae_dZ1n_umXQ1blGpBe_FlA8IR1UsxTzx86w2MscPHLllHHcrkCPA==
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 58C9 8 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7384.127214STRIPES.COM/B10124636.264578310;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2189986252;ord=q0lxmf;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsscxsHiQjOeW2zdxw_2pfLB5m6COGc41K-ulQSr-byOr9Y2u1h0fX4v0CBeSJYEazUn3GUc14k_EqVDNpzusCQZViWsVDOxbDlP_Aggt8NVP6xd4GoSDv0bZwlFBbbMNQDm6Bl81KVTO9NAabq5hTs2ttMJPAVt5YBJX1TLls06Qe12U-kHhxI95RRCT0I9kdeeQjtFlnr1ltvtiA337J0W30bkUmViI3A0jyHQu9brkWtmY436vcXjpYCzr9e6Z5pwyOnfw13gwEJH6dK87hBqTstQYPi7txAFbzDfksq3RR0UajKDnqJmAm6QGsrD%26sig%3DCg0ArKJSzNvkf2WJOrEmEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=57;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 13:06:12 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 58C9 0
60 B 63ms
62ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYK_LtDawqi9GFmDramBEKUZpq0NlVnyPiR6ocGB2bhuGoDVh57BhuVh_GEe8JGRR8ys0hcQWDAI6GJvdasGJQKITzTzOW14sc5FOY0TBxjoA6iz8L85n6uTWnpAXT2t_uveJtA2jXjYSApyaTynRh&sig=Cg0ArKJSzCGCT2c1ANvqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211201.22387&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 58C9 41 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
H3 200 RR_Flag_B-300x250.jpg
s0.2mdn.net/3967255/ Frame 58C9 29 KB
29 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3967255/RR_Flag_B-300x250.jpg

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5aa811f81d526046d5d3073a8adfa93f2db84842567ea2d9e38ec1c939b2b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:39:12 GMT
x-content-type-options: nosniff
age: 16332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29988
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 14:45:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 08:39:12 GMT

GET
DATA 200
OK truncated
/ Frame 58C9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e9d0cd57cae1ca5650a4b2b35286cc9a8480893ca830b0013e4b0e9e862b2ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 20E1 106 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Origin: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:59:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 20E1 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N636.127214STRIPES.COM/B26699562.318027000;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2291457577;ord=yv713t;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstiu_R5XlfzH0ZNwqqrXBPOxEICi7BavINOgXDa-v0Vicf4pay1q1oD7YatxWaXyzi1NMG69SWMfQZgx3UQWJ_LzbUlA5VoMfxP-je3hqDNEgCDbjHHtGXniAENjdM51lAVCavWBSbY6h4tSReleTmfVe6Y14xq4Ri4Dx9AAV6TW-p-_TSsVpm73uESjmZl_Ibdk0f65IECXO-WR1h3jpHKMXPu-LIIH05qrsg7hvliABo68WKhpdeJwPLYpYLhq4o1aw66l2Qd1Bl4wBuvuMmZH0akTf3SicX416qysm-y20M0yNG2TAWuM-Xe-cYu%26sig%3DCg0ArKJSzB1ZKFPuqGv6EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.stripes.com%2F$0;xdt=1;crlt=XOHXl1aG4a;sttr=59;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 13:06:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 20E1 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
DATA 200
OK truncated
/ Frame 20E1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 748fe8dc5f2043d62d37972f073120ce15f66102dd213bbc140ee71f1218fed4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 114ms
14ms Script
application/javascript 2a02:26f0:6c00::210:bb21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 13:16:24 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 2D74 364 KB
103 KB 92ms
8ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvM8Pl4fiI-ZbcE4PithR_rK-MeKxMp4OZZWD18zge6GsrKnlRzIkUA_rXDfr4ERs0JdXwI9UMEjKdEOuvM17w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 104652
last-modified: Wed, 01 Dec 2021 06:59:43 GMT
server: UploadServer
etag: "c090f073758d1a9717d1a9aa2c037cb5"
vary: Accept-Encoding
x-goog-hash: crc32c=bxmpzg==, md5=wJDwc3WNGpcX0amqLAN8tQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341983568684
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 104652
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 13:16:24 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C134 0
23 B 104ms
47ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C134 0
0 58ms
58ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzEs5G2QZOXQBeRC3dISyrUe6Tu25gQiy1k-KEtHtRC1RnvFynq_eU4266s7plnPAPU8FC28t0zUIFFLxrPrCt47Vyc_zjcIEnqvLaHxlJPZWmn1NsV5lH8yC5ZQA9_01Km9rqOMTor1vd_Zm8Tt2sNMG2RvUWsO5DQGXbZ3Vl0A1oWM-er8n71XUBMdzNT7ArPyT1unTWBIM2tjF_oIlbrzMtnkQCs90u8QfBjuzqG8HROP6XbJ5NtfqZcP2LRUPm0VswzM5oB4asuklNQxGAvXZrq_7ySpdGdi-yJnza4HpZ698NVMqrFzKS6bh_eP7ixOQ&sig=Cg0ArKJSzCEPhtutxVR_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 13:11:24 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 58C9 0
23 B 94ms
47ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58C9 0
0 53ms
53ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8PqmoYdpeqel9iMDEJ4iJ-tPXkyZ9bZNvHatBEdS5C4ttptRtaZ7OQP5IvixLDhp5ROQmAUsaTazXnoplsn1eFqmPGOKriTLccB2h8I4_CRIk21t3Znarv6AFqLwqep23HhIhGnksr0jyEtUJnqe83jMeSI9DhTymyozFK3-64dFfKKvqpzER9xrTIoxiB2oPhS-Wv9ro1Gn8Z6RYzjx7UjzzHr7vkibLIYTCY9qaUFZbXMmU9aW6vXrONPdyCtjYDBz1_XuM-dKPW8k4neNygc0kBafeqq4FyBTSriRmTT5IIzsVtvxWdtuHUF-NthVS07I&sig=Cg0ArKJSzK0SUUYwkVcCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0D11 22 KB
8 KB 31ms
31ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A669 8 KB
4 KB 102ms
8ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=2837563&cmp=26699562&sid=2293535&plc=318037607&num=&adid=&advid=8508620&adsrv=1&region=30&btreg=510834316&btadsrv=doubleclick&crt=161681296&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0424488f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 200 index.html Show response
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 8 KB
2 KB 21ms
20ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c052f4a657197e8082e23174f1c0fdb09c90a1fc7ddef0128a6ece11ac128674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2374
date: Tue, 07 Dec 2021 09:38:40 GMT
expires: Wed, 08 Dec 2021 09:38:40 GMT
last-modified: Wed, 17 Nov 2021 20:22:28 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 12764
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A669 0
23 B 65ms
50ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhF71JxtEccyf0B72DhNFwTUyvVmo0m1YWo8vH8jd9v7ZMOBoqwJuT3s8dNmBRZghY_VqD6sWfhPTqt1PJI805W3CXesa0JwYcD6xILBeJevaBI4Qg8s6D2TYiV48LLBdvWOw7asZC2GSCuPtNcwT0&sig=Cg0ArKJSzAUbawNZUbKKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&cbvp=1&cstd=161&cisv=r20211201.10987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 20E1 8 KB
4 KB 89ms
8ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=2837563&cmp=26699562&sid=2293535&plc=318027000&num=&adid=&advid=8508620&adsrv=1&region=30&btreg=510557195&btadsrv=doubleclick&crt=161655668&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0424488f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 200 index.html Show response
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 8 KB
2 KB 16ms
14ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d95a84f7330ced9452b5bda7f2fadeb8f6ee505f6334972ef0812b484c6653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2378
date: Tue, 07 Dec 2021 05:14:46 GMT
expires: Wed, 08 Dec 2021 05:14:46 GMT
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 28598
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20E1 0
23 B 46ms
43ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstapw35HbGf5TY3bCdAh7gQUvJ5hapssVhqDlRk8AW0vhpUEZQ2FQQJapBLyMq-PVrtFvlrZuMKwPdQNqNd34egXaBX5a2ASQ4ib4zDbhh2CcJ5dW6kNMZz5p3bOZUhWx6njdR0tY5kvlSfp5ad0hFK&sig=Cg0ArKJSzJf5KzDh8YtXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=120&cbvp=1&cstd=119&cisv=r20211201.25224&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59F7 22 KB
8 KB 10ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B28D 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4413 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bg.jpg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 11 KB
11 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f2f2e8ecf31220f9de33de2e9bfe120e8dd28b838c8412a60af5421537503a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11746
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 t1.svg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 8 KB
3 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/t1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b584ede4308a67b5c89b40c3a843abf6a50797c36dcdaaf99f56f2ae4d1ea28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2736
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 t2.svg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 5 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/t2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9263db8840af36ebabeca464a88d201ad11591a2b7a3a3f15c2a873fc36e2fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2110
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 t3.svg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 31 KB
8 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/t3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59abb01bcc4d554adcc6ce3dcecddacfce19378cefe8fb3037c04298167d3dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8453
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 t4.svg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 14 KB
4 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/t4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52eb21a7e4d89723323c12600b97756f4eb4943742d8930022d758817af4d1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4339
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 logo.svg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 24 KB
9 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0367166c171106ad6e8850d5499f3d5eeca25ad692c97a111045c07dddefa25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8921
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 cta.svg
s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/ Frame 2C5F 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc48fa75e215803fc749570d1080a8d0b1f0f42549720b1953f096ef342873ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:22:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:38:41 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/ Frame 2C5F 112 KB
33 KB 26ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180548785/FEP2121522_PreOS_Medical_SOBO1_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1278610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33291
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1be2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuu8kG62sj1SjGiiQVqqpOaDDU%2FYsRkwgEq1MkqrDPb9wkmiiDL7JwtIi8DoNQXLFOsZaprY6jyaFaaZ6Ctnd5qEPFD07H55iq3CnCG2%2BzQChdiDRhmy0kNchXsnK8N35PiYs1bfbEHFqTUy4aim6PFy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dffecee5d6957-FRA
expires: Sun, 27 Nov 2022 13:11:24 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 14 KB
14 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba28e784afbb6f3a0c6a7154de0a12c268dd2c58949beea2bee3312763763aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14356
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t1.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 9 KB
3 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2764e65feb56d8e9f9051368a0e0ee9daf5263f1786adb335834fbd83889c22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3329
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t2.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 5 KB
2 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1427a6a628bcd74ac46fef27108bc9d36b79f338e7d005c48e4e96b3a6b34b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2095
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t3.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 39 KB
9 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df177f09bbe0f57f3bd1a71b5036d102a11024a94aa97de623feb116515e493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9041
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 t4.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 14 KB
5 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/t4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dcf07542306051cfa16bd73fcddc2dc4ee540b58964ba08b9e62065f34214e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4715
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 logo.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 24 KB
9 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0367166c171106ad6e8850d5499f3d5eeca25ad692c97a111045c07dddefa25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8921
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 cta.svg
s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/ Frame 7525 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc48fa75e215803fc749570d1080a8d0b1f0f42549720b1953f096ef342873ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 05:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1126
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 20:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 05:14:46 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/ Frame 7525 112 KB
33 KB 31ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8508620/1637180627999/FEP2121522_PreOS_Medical_SOBO2_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1278610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33291
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1be2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t0T%2FHd8OfAzlwSh%2FYH0kWPpbH2wbIxzbbcDWDya6HM9eSgyIuwY6HB83ZB1dyZ%2BE1gfS1Kl8lfqWO6Ldx9AExIF4w2%2BEScNC8rtr37T9eBnzL3sMEMp1Sk2u1hN4TP0PeRGims%2BkQXVOiapntHZh8CR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9dffecee606957-FRA
expires: Sun, 27 Nov 2022 13:11:24 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 317ms
101ms Image
text/plain 34.225.64.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.stripes.com&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.1.2.90&apppkg=&fv=1&proto=https&pid=5ebd1adfeb6db67e1d52ebba&cid=5ebd1d747d7c78697e0af0a8&stagid=&stplid=&e=inventory&vi=100&cb=1638882684912
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.64.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-64-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame 81EF 490 KB
89 KB 16ms
16ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame B9F1 490 KB
89 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 13:11:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 3 KB
2 KB 326ms
103ms XHR
application/json 3.217.20.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fhealth_02.m3u8%3Fid&tid=1&d=desktop&i=0&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&AV_CHANNELID=5ebd1d747d7c78697e0af0a8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.stripes.com&AV_DADPOS=1&d36=6.1.2.90&sver=1&avtoken=684912&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1638882684999
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.20.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-20-60.compute-1.amazonaws.com
Software: /
Resource Hash: 8aeb418f8fdd25f7f6b4d2e011b906de388771b44dbd16d3d28882872a8ac6a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 25 Nov 2021 23:24:45 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 159ms
159ms Ping
text/plain 44.237.19.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.19.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-19-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20E1 0
23 B 44ms
44ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstapw35HbGf5TY3bCdAh7gQUvJ5hapssVhqDlRk8AW0vhpUEZQ2FQQJapBLyMq-PVrtFvlrZuMKwPdQNqNd34egXaBX5a2ASQ4ib4zDbhh2CcJ5dW6kNMZz5p3bOZUhWx6njdR0tY5kvlSfp5ad0hFK&sig=Cg0ArKJSzJf5KzDh8YtXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=384&vt=11&dtpt=264&dett=3&cstd=119&cisv=r20211201.25224&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A669 0
23 B 45ms
45ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhF71JxtEccyf0B72DhNFwTUyvVmo0m1YWo8vH8jd9v7ZMOBoqwJuT3s8dNmBRZghY_VqD6sWfhPTqt1PJI805W3CXesa0JwYcD6xILBeJevaBI4Qg8s6D2TYiV48LLBdvWOw7asZC2GSCuPtNcwT0&sig=Cg0ArKJSzAUbawNZUbKKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=442&vt=11&dtpt=279&dett=3&cstd=161&cisv=r20211201.10987&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D11 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 13:04:11 GMT

GET
H2 200 health_02.m3u8 Show response
content1.avantisvideo.com/hls/ 19 KB
3 KB 63ms
8ms XHR
application/x-mpegurl 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.m3u8?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad8413a178fc05c02c83169c8dd8fef2eba77e0e6c2a99a71a823e8a7afef10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: .1hOrRxxaHUp2jvg.X4srj00BSqwH4Xz
content-encoding: gzip
etag: W/"da4792841aeb2eb99004c70dfb41e460"
age: 27035
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.stripes.com
last-modified: Mon, 30 Aug 2021 07:19:39 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 05:40:51 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/x-mpegURL
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: EYqfiNsZGvgKYUM6oXYT0s1Uf2YYo0hX8Ye19qh2g6PUgtpY7Jy1rw==

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 59F7 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 13:04:11 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame B28D 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 13:04:11 GMT

GET
H3 200 ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4413 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZhD25ev4EfR-XFP19TbfDo9DHcMa9GGM1cDlPvVEM3Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13522
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 13:04:11 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 81EF 2 KB
2 KB 263ms
163ms Script
text/javascript 34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=131&ttfrms=24&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETar9EEADTbpTauTau6365bcd2eaaccf36ce2_%60%606e6b3g4d5%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=737&ddur=90&uid=1638882685096832&jsCallback=dvCallback_1638882685096985&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Febed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=22&brh=2&sdf=2&dvp_epl=221&noc=4&ctx=2837563&cmp=26699562&sid=2293535&plc=318027000&crt=161655668&btreg=510557195&btadsrv=doubleclick&adsrv=1&advid=8508620&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=614020444445.4438&dvp_tukv=476950723756.59357&dvp_uuid=60349206.69759413&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=786735875716
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 357c24ee82b8e6df696606bdbea8d008fd4dbe0cfe754915fcb419a3bd653e2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:25 GMT
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/javascript
Transfer-Encoding: chunked
Expires: 12/06/2021 13:11:25

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B9F1 2 KB
2 KB 250ms
163ms Script
text/javascript 34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=141&ttfrms=5&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDEC%3AA6D%5D4%40%3ETar9EEADTbpTauTau6365bcd2eaaccf36ce2_%60%606e6b3g4d5%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=528&ddur=103&uid=1638882685111918&jsCallback=dvCallback_1638882685111813&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Febed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=22&brh=2&sdf=2&dvp_epl=221&noc=4&ctx=2837563&cmp=26699562&sid=2293535&plc=318037607&crt=161681296&btreg=510834316&btadsrv=doubleclick&adsrv=1&advid=8508620&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=30&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=8094368503.591725&dvp_tukv=80213611139.01027&dvp_uuid=335521039645.343&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=283740973945
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 5be78f9711358eb39e1fa7d347f887bcfad31c2b075e950546104ce2a9d8c21c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:25 GMT
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/javascript
Transfer-Encoding: chunked
Expires: 12/06/2021 13:11:25

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
328 B 47ms
16ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
337 B 144ms
67ms XHR
application/json 52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4fc4cdb550632e27aececdd3178327f642f0f76654c2ebefa48f436e1310138c

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache
x-server: 10.45.1.231
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 120ms
38ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 81f77540f9fb96f52e36215319719de4ee6a8eed355deafe4fa2282ff8256697

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 06 Jan 2022 13:11:25 GMT

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 10ms
10ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: IYFAH26cDV-WW3uiSszx6wgzZXZ0awPOmQ2pg9r1G_E6i4e6mskgHw==
age: 3568

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 113 KB
113 KB 10ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10add97dc2a4d798e3d719acdb6a46666242b8e829637284c585985bea9eb7ed

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-115431

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27029
x-cache: Hit from cloudfront
Content-Range: bytes 0-115431/51030908
Content-Length: 115432
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 05:40:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: SsjyHx_oXJdR0FYchXxGItUlshdF5Qmd0ICUHLiaCMbwANunAx_LXg==

GET
BLOB 200
OK bda40ba8-e0bb-4393-a9f0-d36076b5a680
https://www.stripes.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.stripes.com/bda40ba8-e0bb-4393-a9f0-d36076b5a680
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8E7C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1638882685268-935392687883-006748-004-006714%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1638882685268-935392687883-006748-004-006714%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1638882685268-935392687883-006748-004-006714&biddername=55&key=8268148276647502419

0
215 B

290ms
93ms

Document
text/plain

18.208.104.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1638882685268-935392687883-006748-004-006714&biddername=55&key=8268148276647502419
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.104.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-104-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.9
Date: Tue, 07 Dec 2021 13:11:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1638882685268-935392687883-006748-004-006714&biddername=55&key=8268148276647502419
AN-X-Request-Uuid: 8685eeea-5511-4ffd-8afe-7a2a30d82f65
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 2D74 314 KB
98 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvqqILf_qwh7s9u-plstsc_Gp5PiW8jXwa7ZZBa5V-RYBlKEGcfpDbg4Mv24HJt7HqnBptCkMuVERSUizQpAs0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99492
last-modified: Wed, 01 Dec 2021 06:58:16 GMT
server: UploadServer
etag: "58251031c6023dee10212742471f8135"
vary: Accept-Encoding
x-goog-hash: crc32c=V+UbGA==, md5=WCUQMcYCPe4QISdCRx+BNQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1638341896718566
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99492
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Dec 2021 13:16:25 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
100ms Image
text/plain 34.225.64.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=92666&t=1638882685&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=&aafaid=&proto=https&uid=1638882685268-935392687883-006748-004-006714&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=83657068354&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&&ppid=5ebd1adfeb6db67e1d52ebba&nid=59918a0e073ef4782e4e347f&pcid=5ebd1d747d7c78697e0af0a8&ncid=5d4aab3928a06112b42d3a48&pasid=602a84ed49e41b0580387469&e=request&cb=1638882685352&asid=61ade67e4be78524bc647707&ofpr=0.42&fpo=
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.64.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-64-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1

204
No Content

event.png
tpsc-uw2.doubleverify.com/ Frame 81EF
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-uw2&param=akipv6&impid=64bf0c137dd740f9b9a5c61eeae1c5c9&cbust=1638882685409148
https://tpsc-uw2.doubleverify.com/event.png?impid=64bf0c137dd740f9b9a5c61eeae1c5c9&akipv6=2a0f:9441:5:0:e5::1

0
162 B

190ms
156ms

Image
text/plain

34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-uw2.doubleverify.com/event.png?impid=64bf0c137dd740f9b9a5c61eeae1c5c9&akipv6=2a0f:9441:5:0:e5::1
Requested by: Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:25 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/06/2021 13:11:25

Redirect headers

Location: https://tpsc-uw2.doubleverify.com/event.png?impid=64bf0c137dd740f9b9a5c61eeae1c5c9&akipv6=2a0f:9441:5:0:e5::1
Date: Tue, 07 Dec 2021 13:11:25 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

event.png
tpsc-uw2.doubleverify.com/ Frame B9F1
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-uw2&param=akipv6&impid=a0b2fae83eda4ac2be1b50945f1ff889&cbust=1638882685412511
https://tpsc-uw2.doubleverify.com/event.png?impid=a0b2fae83eda4ac2be1b50945f1ff889&akipv6=2a0f:9441:5:0:e5::1

0
162 B

191ms
158ms

Image
text/plain

34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-uw2.doubleverify.com/event.png?impid=a0b2fae83eda4ac2be1b50945f1ff889&akipv6=2a0f:9441:5:0:e5::1
Requested by: Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:25 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/06/2021 13:11:25

Redirect headers

Location: https://tpsc-uw2.doubleverify.com/event.png?impid=a0b2fae83eda4ac2be1b50945f1ff889&akipv6=2a0f:9441:5:0:e5::1
Date: Tue, 07 Dec 2021 13:11:25 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
852 B 66ms
49ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:25 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b7c3fb63-0a54-4400-8583-f4ca02311016
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.stripes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 165ms
165ms Ping
text/plain 44.237.19.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.19.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-19-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Ih77orthhOwPMfa1MiwBTMnqued-VP2WogWn1cfoctfvw6gudf0r4A==
age: 3568

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 101 KB
102 KB 10ms
9ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb04024ab169cf57783a1abece7096b4e90903a33bcc9a34e12f29fc3d921f6d

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=115432-219207

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27029
x-cache: Hit from cloudfront
Content-Range: bytes 115432-219207/51030908
Content-Length: 103776
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 05:40:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: DSoJ9vCDMS5PkV58i6f-8jxSUBZ0n3mzA5WqHkxxAQXlBIJslyR9Sg==

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
101ms Image
text/plain 34.225.64.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=92666&t=1638882685&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=&aafaid=&proto=https&uid=1638882685268-935392687883-006748-004-006714&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=83657068354&d9=1000&AV_WIDTH=300&AV_HEIGHT=169&&ppid=5ebd1adfeb6db67e1d52ebba&nid=59918a0e073ef4782e4e347f&pcid=5ebd1d747d7c78697e0af0a8&ncid=5d4aab3928a06112b42d3a48&pasid=602a84ed49e41b0580387469&e=request&cb=1638882685547&asid=61ade67e4be78524bc647707&ofpr=0.42&fpo=
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.64.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-64-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 163ms
163ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9cb15bd9f312dbf5983171b237aed3e857c78828c9617b9ec7ab586da4dee5af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:25 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 83a380d8-d40a-4f8c-b87a-c5c43bc8a2ae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.stripes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 159ms
159ms Ping
text/plain 44.237.19.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.19.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-19-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D11 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiQ9vfF2vYdPdH-KV7_UPtsCLmAYAAAAAOAHgBAI&bg=!IiGlIWXNAAaQHwIOkB87ACkAdvg8Wr68YkpA6WJ8Ver6zrq5fbLzG48xCb2VGJkrle8MBlzZOjNaxgIAAAFnUgAAABRoAQeZAv2_uCJ41vDbmSLnsc1RVuajw0PqRDKT4quFzr3jgR62ScOBzmskCcFW_BlQgBnNaEYcxWeegvAS3z2YsiG1Xh9BoB0NS9isJwm37efjBZmf4m-LXVJW4x6DTkOfoz0nL6mNW545O1bZOJCeqVSI7JMayp6OgOog0REcn_GeN2GOkbzElDndrGWtWm6nSvltejLUc55HRKelMROf337QvOHZg1BxnGo2Zzyb-VBpVhNtZ0-fNj9KM6HryLGdvVtNaC_InozVZljDcaBzoHMmhLUjI1htTUveP-9nC8dJ4O5T0UYbIFyhcLwbPdMqew10SFXeoR9_8vkRW3PBW2LLDzQhx8x8RyaevqNgwbHnj24PtZw-hFGPyVsL6G5ioH_GIEBlt23oc-krPYqAW0ksDxeqbk84VM3OG7gX83gWP1xlW6VHjNqHdOZEMZW2goLLyq61NHPLD3lUb49pW2EQXVzhH5IQ-AVR99v5r_10xw7zslYwFeszrNTA3AYscqCTmsomfor9eUR3M3c9f8PWO0no0KKHxZdAhq-y7muaou1gTs_BsC_lNcIsNejAX9dCUPTYuYjA1ynmg_5sVcv4k0pQ8Gke04EpZ2O9G9n6pCAHFRJuUv2uicC2-KkIYuwTxKz8IMLrBym0qLBGfm2TVTpScuHpKqzt5-l0AP3sj5eSbUHZ9I5Xti4RpCuFIs14kj515cJ4zfM1GyzTDOXJt7rzNpYoFxemFXoetA4RQ5QONcUpbAhjKN8Z-fA4TeUctY-prYi6Pam-fbIrQNQKIG6gVmb2tdmin3whBPKCNVCv5G6O3Sk5g8bKKLpyFSg87PNTTJiRigKXZ8tV8JZaD5BdkBujUImWH2hLEoXLmy2EKCY9lMKQIKpDECc1tQVcTmhqWu3W8TASVqAfQHEli8g81kYhXbvoHBb3xo7Z5njHrmNrn6z6JNNZpY6sp3BYP5AGFJ2WRerdwHVYP6u3dNmcoxnsHunEWH6EAfn3P6CrXuGah4QcrMuMmpEnHBc

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59F7 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoFWgfF2vYcnjH8j5-gbhy6TIDwAAAAA4AeAEAg&bg=!ZGelZyPNAAaQHwIOkB87ACkAdvg8WmB68gnagh945Nk1fZGZGT1Vx4cU4w0wC7Dvdi4SJgw-wReyYwIAAAFcUgAAABRoAQeZAvu2_g7W0odpmbsDJ3Qj9cxzdsBYudsoijV9MjUzrEXy8ScqIFlAKWEbt9HuAh-IOg7RCX5--Jv6DqZ3kVBOK1vvsGlijXG-3gMje6HroEDEJjQ1LqJX9PwWt-s6DnlEd9CyRK6C36FTlnjfwFHdJDVURt0freA4c059hiR9m2mQ8vpzBoAIVAAMlyS6l4Y2x_uygkQEyB2P6sIckH78Nu-X2UQbLDGf8dhOHnexM0TrJFZkNBtvwLLUXl8SvKAVQJ4xeXCLV9VSpcGjM_pMqYApemRpZuIpC6gu2X0YeQnUKkxa1LR5JxdyMc4zlCA8Nq6RiGwF0WMJNXjUaFHiVI5TehhWTeNdRjYExw6hpVEsh2jlvXQI5gaN_gUgbJU4CvjKm9hTOXoliP-9STeeaB8be0uvtymJ945sEVmbC-PyG9lyHpp0layNhIeuP2nITSSXZ2_H0za0P5MnGswXfDsdGPWF_QOo2yBWm01Hy-5px6xGlSU1VXGX3Bmte6mzFXV_iQ6BVePGqkSdkzj78FOOjEPLHdzjZW3CiWA-UHcFwascBsbcUSB-oF_d9oujWjrC2QDjahz2dLrzcJoJy3zkGytuPhYOt9ZhYmgneG_Lb-c89J9prZ23hA4zk195ESicf1kzaTFqlZJkqlI1fopAzQ7KRQK7_x3SxFd9Ret732fQIxjao1dl76vBV9PnQLvZmovCQszKd_Wv3R5cvEATUr1CjOwdgIQarCT_j9CnW-GtsRuDK9YyQJRL4VIm0ZS1N1ZFW2vsGbG-QOuAY1MzVDJO29RNksgBYGi-S6Rgx2FKyQr14LO3ByL1uq8-9WFjeHyc6f-HbackAGNCfTsxiKmLLpaX3OrmpN2riNVh2CtrocotHwQVYpNxCC77C4R8YgPE45GncuqfCJvxcyHtAL1TOOxNnPK7bW323VrGTZH-E9wCJinJH6j3C9bMDlZxgeWqtospsUqUQj8gzyb862HAcRAaY-3W9VGRK237CexPrOlDoOMOSDSi

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B28D 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKZNrfF2vYePqH9Wrx_AP2OeakAcAAAAAOAHgBAI&bg=!7O-l76vNAAaQHwIOkB87ACkAdvg8Wrx5G0Sh11XJxCq5nCOCNeeH3g2w35sRXDusT6VXX3BKCJnCLgIAAAFTUgAAABloAQeZAxGbvkjSSYkZY7hgyFtMZUYqRs_okRSq-pDKXbBC-UkHv43tNbHpOYuavrO6l_vvk3S310AXZUZC-mke0KedhmgO2F5kjNfF6flLMiXCVG2i9m-DCODQ366_oYLCYGpgYMYobl2I7B0Snn8J1OwfLzy-fxlqXTNmIMi62qBKl3NOKr2xvQP3l6fiG025HFmcY5CEsImw9ubsLG67bKElh6axNrWs6PNhaZzbAewtP1bXHn9I6N1sIztRWpf_fs12LAuIM9BHWyYXEj8d41Sk3-Hai5KrvI-2WEblDvupP8sugGMmVD_Ydnb5_FSWc0sUUkM6dQ2g4WVVgbQUTdpjRMPveTV9R2aw45V3AwuWP59gMK4LPyrXChjIhr_hZBOEgCBeto0Sfw_bCvjxXgde-33qfbNHP_P_hBHQd-6dx4Mkp29wQF9W9JYeQa8pHII-TFk5xLC17dn4sHUlQeLCCgiSGosLGDIvcuXRBHSW6_wFZREdqZOB4EdP_14JkoAXWOnC4SvwapQPYdLYeQYwHlQqj40Dbkog_TPX1ZCYp6ctVS9u--F13PZnion3Pe-roU1DqSdKJ4AHvASbA-DN7a3QIuGqgYs8MxSkf0NBuaNKiFu99SGL84VzAj6X9nlXZ8rU03_covefeyX70-0i3vSjC_bdEFD1aOT83uOgrIEqfxVmcJA_8Jccb3M_bCSVxfpyEDQ1lBuUvHxi4m0q-50AA_UyWhcrgarzmxX7q6DtL5iw24yJQxEyAR1CJjKAB2AyiqX1GURzEucR3utVNP1EAiKTylvEg21DgBqRGZIFKh0tZtIwiZytGie0fmhazz3T6S8Wn8LEpaN3OHNYAy2TWhzLhY2Hil3tCevP1sNDm_WMVnxJyXS8hUKcv9jsFClKZ1vqB1A_-ZNpJ_lZ0so3GGHvvWLtM0tesauGRy_1YSC4UYF-CHiupEt-3RKD4nAio6TSyk66MJzS54N3_jhgXDQ9LzURKxioTUEBO-x1H3WqY5XB4PIn3ZcLLHj0RIJ0Tebmt3rJG8bSEIOulp2HnQ

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4413 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLWJDfF2vYZnYH9ju-gbC4qDQCwAAAAA4AeAEAg&bg=!x8SlxIDNAAaQHwIOkB87ACkAdvg8WtsE86U56e7X-wFMfKVwWdw38H2v6x9X6ARK99CSrL9va4okswIAAAFFUgAAABhoAQeZAvhDcDv-19pyIBcdXzaltyFhpo7EebDtVz2IKCYVtlIr7hAZl0zRSe9RsduO7rWNI--E0W4zTtf1SV9UPMCHpLdm5KuyUWmLksBSjl4oxjfTOxTO5-0R3r8yIbW8_APFbExlg_m81RATsHIj-Fw5Cy1fUIt6xNsknf9QUPQL48DEMGdkJgdvrFJZsNGljRh7U77vMWeEUVgUxaTnyN51GvHc53Mz-Rf853DOpud5Ryu8Nndi_ho_YKYhEhbetQxS5v5M9_hPcj0OgrxCtN9U9xMfRTyT_VUPtQ4QIOof7Qehm3_B3eQ_p147ze_xsVwLUgh4iasXd-lGSDqmyeKmsVoS07kD6_jzeF3iAhhDGFnY6rZU21c75eLKA4PAg4GG1vBIFCHTBQojPBMfFTPdQ9UWE_VFfM5rezZNdOGqc_xb7Ghx5W01xQFX5DDlGEDmMGGfHckpZq-R40CgVTFV9coCE-Oqv58g7yB9qHWh7HOdqPQCPXG0svjpEGMNGMGCll1Hk9tpGmPeEgY48vloZ_me41VLxoUtaCbSzSUVTUJnRDJNhFlOdlTDJyTedfLEqIhM_hP8McQZMUmzApcrpsWwEwkZmH4kilkKvMyIwNE8vrZQW_ETqeIQPXti3u9KWj1o7LO4Jg4cZ_L7gwPmLYiEwo6YXNfTqBVXqrBogpw9_caKkVqxaEc_vaWxO0Vd19_gUDAwjptAPdkENFG7YA3HhOr7MCWdimpCJCkwZz8B3W0Wauq4ncrNrEKZtEiDG_2Jb5Cu1LxmUW-ukTQIciPbzdf9E1mwKUzzjlfOG0cKbvme54LmD-ZUHIMy498UpCzzlVmwa8sqQg2jaRN0vBCH3ifuKrQTxmb_dX0zMu7x8hMs1vGxqcxQjZExDGNW8UvSiB1ro0pz-sh0SAUwz2CwptecQfDm2p-exuMXxLE7KPFVK7FzIb5I6xPEYkSviWtOhO_Sknkx5QLPic1adz_fLvTf2zmADXDrwnKSFWRcbNyhwrco9nXy

Requested by

Host: ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
URL: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 102 KB
103 KB 11ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 211a6f84f22cff8ed0193803dad803916830273dadceb7b48a847554fb3bf1aa

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=219208-323923

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
Content-Range: bytes 219208-323923/51030908
Content-Length: 104716
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: r9j-6ZpD7-S45q1J7fRtUnMtplTblzfcxF1S5Uir8aPB-y6mIkbl-Q==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: eKNCdvFBIYcLbTBnkFmC1d-uNG-9TEDQ_-asnlOioAwrfvCQ-_qFUA==
age: 3568

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 100 KB
100 KB 11ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6abb6455f3426c3d92b639f890f55057381227889c0b6d5648d8698a4842d15

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=323924-426007

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
Content-Range: bytes 323924-426007/51030908
Content-Length: 102084
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: j4eouBRuiJRUIWLgFxZ4I4I4ieco4_vp_phbqbn9A13ERkiaQZMZxg==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ggIezS7P-2kYhgoTIqZqPFgLX_T2Ic2WDvFlS53N9N2Ii4EDlm0xHg==
age: 3568

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20E1 0
0 56ms
56ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSOXJpM-UwmGMLOxa2PSKC-0XmKVtrCXvqBCAfp6PLZaiw2RmneSFC_ZGDZVCtvn8LjHTFeiCENy2wWPKOjVl_4hWxQB4Q4QV1vUZgZGepDB7cIcCiQyfdkryVAcLAl8wi6UzGl_kC1NJ5I5fO0yGEk8QHQxz8pJmI76hm_4tNXQ-CP1jrwYG22yzKtrdV3cdnmDn6ug-jCmGUgBCusAWgMug3gfuVD5ebctFUKm1M330xsQ9AhFB-6pgkWxBSY9MTSPS9yRBNfFlpe5afSXgKzAmRWcMvkXzr0m-NoV89dd_3ap2pe--mnimZAULknbBGNng&sig=Cg0ArKJSzJOgSDZF3Zh9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 13:11:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A669 0
0 47ms
47ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYL5h1bNOjoEr_GV8hGA4bewBFMhCOLO4RbFDV6aiDu_p3TCsUbmkwkuWueO-GmP0H9sveKOJvdCSsKECUNHn6g2jzWK-gLd7SBANpFokOG5uZfkhD8GGTK0F7XjFIi76Jx52P_T4RLHyQO-BNFJ8ZSE5dl5Ev6ORlO2p7qUg9cAi3fIesb7tjfzjT4GqLgLodGLQb85XrZj7FbNTUYPRMqEeicAZxwpmfxrXAY5bR2q7tqCT-hIUdNY3j9P-FaUXrYo2-d64stGdH80db6YqFln-lo4V-n2i8c8T4hc70H69yJmTVnelZ_nY44sYavFGrg_zidY4&sig=Cg0ArKJSzEpl4nMQN3xsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 07 Dec 2021 13:11:25 GMT

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 231 KB
231 KB 10ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12472d519f16267c34711bf5c57f6b0d6f3562a293e52ead11a10a350b0279c6

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=426008-662135

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
Content-Range: bytes 426008-662135/51030908
Content-Length: 236128
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 5fv06ilEHMwnuSVxA9lGhsQA3zarOOCU6jXLqOtN-zIgqd-oxaIhQw==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: XwCCSLu9gD130MWikuuYqeNiPnO6YOKRGXro1nAIx8-PTGzf-isOQQ==
age: 3568

POST
H2 200 v2exdKo0TAvPnthHyco2cYCZotwPK-STzjsuxtpqSCikNmDWf3uWLKvL18KllQaLRdHuf53QDIyz1SNxgIA Show response
unwieldyhealth.com/ 216 B
613 B 44ms
17ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2exdKo0TAvPnthHyco2cYCZotwPK-STzjsuxtpqSCikNmDWf3uWLKvL18KllQaLRdHuf53QDIyz1SNxgIA

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

6a0ef17d1f622d95f9fccc4cc003db9d30972661467b2d28d4d6919128ac6222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 13:11:25 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e47ab626
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 07 Dec 2021 13:11:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 41ms
25ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e04f3b9d50e443c95c8281bc378b5d77e0fe34983c1cee69e36bcc76b74abd42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 13:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8624
x-xss-protection: 0

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame 3FF4 240 B
958 B 9ms
8ms Document
text/html 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-117.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Tue, 07 Dec 2021 13:10:50 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ZKSJdSgU65k9QlEs4Onq8pK-nn2isae_SJvN_1-211GmESgT2hc9iQ==
age: 35

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 186ms
185ms Ping
text/plain 44.237.19.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.19.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-19-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 3FF4 0
346 B 485ms
164ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 13:11:26 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3FF4 1 KB
1 KB 9ms
9ms Script
application/javascript 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-117.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 25
x-cache: Hit from cloudfront
date: Tue, 07 Dec 2021 13:11:00 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Cloudfront
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P5
timing-allow-origin: *
x-amz-cf-id: Ta24uuX8b5dd3kJhlsVuJW5D74eSk_e9CJz05fA7yU5MS91jB11arQ==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 13:11:25 GMT

POST
H2 200 v2zxovuRa-Vn_S2lU3oZAptxeA1VgAVNgqFIeQ9OcqXPwDSK0uOuclxup8624U7axRMb9Oa8EUKowBnyC-g Show response
unwieldyhealth.com/ 3 B
36 B 148ms
148ms Fetch
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2zxovuRa-Vn_S2lU3oZAptxeA1VgAVNgqFIeQ9OcqXPwDSK0uOuclxup8624U7axRMb9Oa8EUKowBnyC-g

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 13:11:25 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-hostname: e47ab626
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0165 932 B
2 KB 45ms
20ms Document
text/html 2600:9000:223e:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Tue, 07 Dec 2021 13:10:37 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: IUc61rkF5cTLiAZ5oqqERh3QJpWcw7m8MPstPwNLAxkub4Lwr6xceA==
age: 49

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A669 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvegYsC1iZCsXdQ6N8ktpLX-Wq8Nx43yDv3oIDnndLPZogzmBnLThz5SARuL-xn0HUQgt9TMcK07JfY6tJjSfKPGSb8mJb_&sig=Cg0ArKJSzIrVhS-vd02hEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=1307176738&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638882684242&rpt=562&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E43 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 12:48:11 GMT
expires: Wed, 07 Dec 2022 12:48:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A29 783 B
533 B 45ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7d19c199b4e9fa542baf4ee994781715578150dd4187dad56697f694418cbc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yKltls7u+UCvDqFbbNfalQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 13:11:25 GMT
date: Tue, 07 Dec 2021 13:11:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-yKltls7u+UCvDqFbbNfalQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 csp-report
q.stripe.com/ Frame 0165 0
121 B 408ms
164ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 13:11:26 GMT
x-envoy-upstream-service-time: 0
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame 0165 0
120 B 408ms
165ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.stripes.com
URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 07 Dec 2021 13:11:26 GMT
x-envoy-upstream-service-time: 3
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20E1 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxVgxJNokwm-b-TsKhC_HsfjkOttNPjtm3v1w6Bpj7GYR5ZhW-mXVssczZs-pr4g0nt3WkqAx5gFo1jDMpGC2UJNYaSUXl&sig=Cg0ArKJSzKShwkwTI6zHEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2291457577&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638882684046&rpt=796&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 0165 85 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:223e:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 32
x-cache: Hit from cloudfront
date: Tue, 07 Dec 2021 13:10:53 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: Qcv7-mItOR8l8CcmdF2ImSMM_8mL5Rv-4xc1FMF27JGgf9TkEvUOWQ==

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E43 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A29 0
0 62ms
61ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=322604460578481&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H2 200 6 Show response
m.stripe.com/ Frame 0165 156 B
523 B 501ms
178ms XHR
application/json 34.209.192.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.192.116 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-192-116.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3ed7ad3f32ca302fe2a749b9730b721b673342f49ee583c6c03d3efc11847cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 13:11:26 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DE26 52 KB
17 KB 54ms
25ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 07 Dec 2021 13:11:26 GMT
Age: 38395
X-Served-By: cache-lga21961-LGA, cache-hhn4027-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 8, 569821
X-Timer: S1638882686.064041,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 10D2 52 KB
17 KB 34ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 07 Dec 2021 13:11:26 GMT
Age: 38394
X-Served-By: cache-lga21961-LGA, cache-hhn4072-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 8, 569198
X-Timer: S1638882686.063333,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 10D2 0
731 B 54ms
54ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:26 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e9e6cb5d-967f-473e-a8e3-069324c615ca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DE26 0
731 B 19ms
6ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:26 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fca07b7d-b905-45cc-8458-e606a43735b4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=322604460578481&bg=!OTqlOn7NAAaQHwIOkB87ACkAdvg8WnOOG96Itd7LLd2dyaVDQWaKHz4QdtcynqTimGfsKWnHcmLWNgIAAACLUgAAAA1oAQeZAsfqfTJL--aARnXfydB2PGY1YbzWtUcU-dfRKO9kuM6LJoT7uDpckAzC8XUEDgmkckABK2iq4ftWQOpyJxtrw-LjzePoZCl1w2sEGmej_ukzp7nxaZS8BFQD3tiSQwcXLtRp0F8AgqukCedZO2ccfIReEoNVpqcFL6Q6jCVeYIOD3OG7YTg5UxcUuASrjgwvTwdf3M0kJz2dySCqyNBMMiUzCfRjZtd7m5FzhrXmzlOZPHTu4iAeJq2zy9xHDfrg9I6g3hnPYNR67ElapVxZSfEtBwl2LDEWnro4FQtqJhMedqFmrLnfKmrzLJ9022IZQJa4B5Kc3hHY3l5v9frJEiyFvJvIoD9QrC4-wb2oKncOcr5r4aIiGb8iBBOIWEhAefsAjo7vfPmuk_Nay-9-SDKkA_tsI3XVTM-TELd4kE8mt1jcRVwiC4uKYKZsRjt1_6aH_MqDlDpnuQF_NQi8OENqJroi2PkgU8OMHy-At6u0QnNPOdc1FJYlCJIpNNg-fdZ_HTpvSIqzNa1mWftX4szf_qnDalDT1ktPu8Rzapx0rTZYhNMw2HE9rE7d1kcIN-zG0PFAdsXI6aWemx4f3AnamxwaEJ36eQ-fP9AgsN4vDhMXlWMoxijoCD1zbUFEGNL6bkM1q8-LOtx_fwRklkPnOihNK-u8Cuna3nfMzoVy5y8YbbwTZ6bCjzkO_Y9e_9nV6USj7g7pgIFcmSsT8eJVtNlMj-FUGNdnzpffmB4Q-iKMaICZlsJYwcwa8XoYC9kqwMlALfx3kmJUjgCZhRa-qy-HNUNlVq5NJwMmlv4hUFwzsvt-O3LDKrFq85vUciUIONC09fROcbRattUS0ueztUsZYrJHUp3H93g-UhS5uCeVzwU0FxNkHRLJsfH500EQuw1YgjpWBuP9DaOIvdmK-5SzcIP-zk2mNpY9VobMzDVu6mxNLhU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20E1 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6iO3VheiZo1WpUDPDfB2r211SCKmB6ZpgjenXCEFOj3FWA2JVZGvnNK0gKTHb-N29wWMP3Q-Js_ybnVq-LLdCFy2mOaKvBHzc8R7wiHFmxymcv3C1&sig=Cg0ArKJSzP7BYqXdB7A1EAE&id=lidar2&mcvt=1000&p=551,1145,801,1445&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=375948347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638882684046&rpt=1609&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A669 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvARlkuVuORxG39K1-u_hHhBvDhbO88iTELPcRaUU_GbAXQLB4lNYFHvJXNyXfoGolUiDZN3nfEVgW_Nkt2Sr_XPITq6oyuxwe8SqkOEe9IaAQqipS-&sig=Cg0ArKJSzNAzUN7RYDY7EAE&id=lidar2&mcvt=1000&p=0,436,90,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1986035644&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638882684242&rpt=1423&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2jsesd9kZwvtvNkGvWiTdMY8nJ08iknW9az8PxnOPi-4n29o9ADrUbEroaVhylGCsyGjBDLE3jgTgMPOgvU
unwieldyhealth.com/ 2 B
322 B 15ms
14ms Ping
application/json 35.190.64.11
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://unwieldyhealth.com/v2jsesd9kZwvtvNkGvWiTdMY8nJ08iknW9az8PxnOPi-4n29o9ADrUbEroaVhylGCsyGjBDLE3jgTgMPOgvU

Requested by

Host: unwieldyhealth.com
URL: https://unwieldyhealth.com/v2zjsA7dXRGaOflwAf-P7adywfX-wHbRgVK7j9pAo5dE7A23d3SaObk4__kJ66vgn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.64.11 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

11.64.190.35.bc.googleusercontent.com

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 13:11:27 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.stripes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e47ab626
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 2
expires: Tue, 07 Dec 2021 13:11:26 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 10D2 0
731 B 90ms
90ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:27 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: df67fe4a-f784-4b72-927f-80f7d2ac74d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DE26 0
731 B 51ms
51ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:27 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 50fb4c85-9ad5-4619-936f-946e70a751a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-uw2.doubleverify.com/ Frame 81EF 0
305 B 157ms
157ms Ping
text/plain 34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-uw2.doubleverify.com/event.png?impid=64bf0c137dd740f9b9a5c61eeae1c5c9&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=265&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=90&tetms=14&msltms=27&vltms=265&sei=290&vetms=47&engms=1&engisel=1&ttfurm=2337&cbust=1638882687410174
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:27 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/06/2021 13:11:27

POST
H/1.1 204
No Content event.png
tpsc-uw2.doubleverify.com/ Frame B9F1 0
305 B 157ms
156ms Ping
text/plain 34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-uw2.doubleverify.com/event.png?impid=a0b2fae83eda4ac2be1b50945f1ff889&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=251&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=103&tetms=12&msltms=41&vltms=251&sei=290&vetms=49&engms=1&engisel=1&ttfurm=2305&cbust=1638882687412696
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:27 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/06/2021 13:11:27

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 13ms
13ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: yo_DHofCFPG8V9FZ7VjkAKabDGwHUoiVT36txLr-f060svlluAoaAg==
age: 3570

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 176 KB
177 KB 20ms
19ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4aae0b41c685d3426d09cbdb9e5d9587f05934c478b0d27a48d9bed12853d09d

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=662136-842239

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27031
x-cache: Hit from cloudfront
Content-Range: bytes 662136-842239/51030908
Content-Length: 180104
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 05:40:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: dLinPiEbF1Xxm1tktsS6xEPARn1IZmgsJ8um74jOz9PwJr5IvsHHNw==

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 112ms
112ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:27 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 204
No Content event.png
tpsc-uw2.doubleverify.com/ Frame 81EF 0
305 B 174ms
174ms Ping
text/plain 34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-uw2.doubleverify.com/event.png?impid=64bf0c137dd740f9b9a5c61eeae1c5c9&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=10&ismms=32&isumms=31&isvelg=1&nvr=6&elmtp=1&isbxdms=2432&b0=100&b11=2590&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2690&sftb=2690&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=945&isuiabvms=945&ispmxpms=945&engalms=30&engscrlms=178&dvp_pageEng=true&dvp_dpr=1&cbust=1638882688409149
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:28 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/06/2021 13:11:28

POST
H/1.1 204
No Content event.png
tpsc-uw2.doubleverify.com/ Frame B9F1 0
305 B 176ms
175ms Ping
text/plain 34.117.158.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-uw2.doubleverify.com/event.png?impid=a0b2fae83eda4ac2be1b50945f1ff889&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=10&ismms=8&isumms=7&isvelg=1&nvr=6&elmtp=1&isbxdms=2307&b0=100&b11=2486&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2586&sftb=2586&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=916&isuiabvms=916&ispmxpms=916&engalms=6&dvp_dpr=1&cbust=1638882688412938
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.158.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.158.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 07 Dec 2021 13:11:28 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 12/06/2021 13:11:28

GET
H2 200 965c136e-8950-46d8-ac5c-aaea479e4572.png
gallery.mailchimp.com/f141047f5265cca1bca1a0c28/images/ Frame CFAF 1 MB
1 MB 39ms
10ms Image
image/png 34.96.122.219
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.mailchimp.com/f141047f5265cca1bca1a0c28/images/965c136e-8950-46d8-ac5c-aaea479e4572.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.122.219 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 219.122.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 24ddd1e58048b259e6deeae98b02422179691006cdb65caeb236b7f4cf968278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:48 GMT
age: 880
x-guploader-uploadid: ADPycdtSUS2EB9ORgT2wkRV9OIwCmtxHx6qLWbIf9nwsdNrAR08hutQyWhv7fC8VIMM8AH5mKDvRPCQ_srrCSZ8jsZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053078
last-modified: Thu, 03 Oct 2019 18:29:45 GMT
server: UploadServer
etag: "b5c7e6cb1c31b46670d9cc70f4be66dc"
x-goog-hash: crc32c=607S6A==, md5=tcfmyxwxtGZw2cxw9L5m3A==
x-goog-generation: 1570127385991491
cache-control: public, max-age=3600
x-goog-stored-content-length: 1053078
accept-ranges: bytes
content-type: image/png
expires: Tue, 07 Dec 2021 13:56:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F9 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=0&streamcorr=0&loc=https%3A%2F%2Fwww.stripes.com%2F&ref=https%3A%2F%2Fwww.stripes.com%2F&gcasclass=1&vpaidadapter=f&ifstate=-1&lid=70&sdkv=h.3.490.0&id=ima_html5&c=1676481652000077&domain=www.stripes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F9 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.490.0&id=ima_html5&c=1676481652000077&domain=www.stripes.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame 1F1A 168 B
346 B 98ms
98ms XHR
application/xml 146.20.128.163
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=774&height=435&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=91.199.118.73&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&contentid=%5Bcontent_id%5D&contenttitle=Marines%20put%20minimalistic%20command%20concept%20to%20work%20in%20Japan&contentlength=171&contenturl=%5Bcontent_url%5D&rnd=676dc1f8-acec-4676-837e-058c292ccad1
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.163 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:29 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 183 KB
184 KB 10ms
9ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16609c12f69ed700ff53d78ba83431e625aa789558b34455b29a36b5c0d2738f

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=842240-1029487

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27033
x-cache: Hit from cloudfront
Content-Range: bytes 842240-1029487/51030908
Content-Length: 187248
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 05:40:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: tOZraNaHZ4okbo8J6BckKKFfUsPN72bnTjgVNzdWmmbjJPPkKZ2oJw==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 8ms
8ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 4Bxa7XQZziIuLB_RV_r2upV7QnzhcEGSzQ8kBODT98h43aM04SH4WQ==
age: 3572

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 112ms
111ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 307ms
102ms XHR
text/plain 34.225.64.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.stripes.com&rs=www.stripes.com&sid=92666&t=1638882685&cip=91.199.118.73&sn=&tgt=0&osv=10&bv=96.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5ebd1adfeb6db67e1d52ebba&test=&aafaid=&proto=https&uid=1638882685268-935392687883-006748-004-006714&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.90&cb=83657068354&d9=1000&AV_WIDTH=300&AV_HEIGHT=169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ebd1adfeb6db67e1d52ebba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.64.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-64-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 13:11:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame 1F1A 168 B
346 B 249ms
249ms XHR
application/xml 146.20.128.163
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=774&height=435&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=91.199.118.73&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&contentid=%5Bcontent_id%5D&contenttitle=Marines%20put%20minimalistic%20command%20concept%20to%20work%20in%20Japan&contentlength=171&contenturl=%5Bcontent_url%5D&rnd=d8c0f5bc-8f02-4bbf-8242-e1d2a5b53ec8
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.163 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:30 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame 1F1A 168 B
346 B 100ms
100ms XHR
application/xml 146.20.128.163
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=774&height=435&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=91.199.118.73&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.stripes.com%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&contentid=%5Bcontent_id%5D&contenttitle=Marines%20put%20minimalistic%20command%20concept%20to%20work%20in%20Japan&contentlength=171&contenturl=%5Bcontent_url%5D&rnd=23cbbdfc-cc8f-4ce5-8330-dd3b48fb845a
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.163 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.stripes.com
date: Tue, 07 Dec 2021 13:11:30 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 186 KB
187 KB 13ms
13ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c3fbb91b2db13e2287e3249a1995fb9da88c5e91d9c9179cb398f5154366383

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1029488-1220119

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
Content-Range: bytes 1029488-1220119/51030908
Content-Length: 190632
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:31 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: er5_LbDn0QYZw1LChgwTq_2BaiFD0KGAuHB-f9kmZISqqGQAUcUp3g==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 8ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 7771eZQga9PFbPFzZVTub8kKaiKYJog5Bn9UTu2pI3-8CTq9KnEsgQ==
age: 3574

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 112ms
112ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:32 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 rss_banner.jpg
vd.trinitymedia.ai/cms/1202/image/audio/ba245f8ca3ca9adf67be064863d2a596f0c21661c9dc6a8bcb61c26edd27b847/ Frame C54D 145 KB
146 KB 22ms
22ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vd.trinitymedia.ai/cms/1202/image/audio/ba245f8ca3ca9adf67be064863d2a596f0c21661c9dc6a8bcb61c26edd27b847/rss_banner.jpg?ts=1638799398000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 859956b49fd05ca9e088fe73e70bc263e0ea5329c2884baee595d146cf33070a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:11:33 GMT
last-modified: Mon, 06 Dec 2021 14:03:19 GMT
server: AmazonS3
x-amz-request-id: ZGCD60H4JEBQR8YW
etag: "0b034abcf44653197866395432d88707"
x-hw: 1638882693.dop201.ml1.t,1638882693.cds202.ml1.hn,1638882693.cds223.ml1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=76464
accept-ranges: bytes
content-length: 148895
x-amz-id-2: EBdFmK7XdumdwZJAwjnK7krrN2RRmIO0I+rr62KAA7QT92E3x0+wu7WtKeIptYHRxG7hesH2pOs=

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 157 KB
158 KB 12ms
12ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b6de5be00a9f67352506c451ef00f23076e270bfce315491b9ddae8f072fa21

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1220120-1381047

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
Content-Range: bytes 1220120-1381047/51030908
Content-Length: 160928
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:33 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 4WARlR3ZpbHFUca6jpyxLCCsPe0P3CUrq5VpiosYfLQnDUeF_eiELg==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 4RtXAxg5iSSSEAwkaGCJOkbbZW10TnhYTs5uF6wjk9ynyOpCOaf3LA==
age: 3576

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame 1F1A 216 B
476 B 125ms
125ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 0c578fe47dc81146a283d515b718d33948068d936d7df6e09a15c90b26078a21

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:33 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 179

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 104 KB
105 KB 11ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b478c10c6b0f33076779e7a5097423bccc8bef9943ba85f9fe6270c311d02379

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1381048-1488019

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27039
x-cache: Hit from cloudfront
Content-Range: bytes 1381048-1488019/51030908
Content-Length: 106972
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:33 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: mT8HWhu91Lhwa2KrG9AlUtZxC6Zxq8wGqsd4Xheymnu0PrWY0PWHdg==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: FqnhsdI39Mzmx3sScqkQ41dY0giJhIFTjMrN2_RPGS9l2NpZ0MZFTQ==
age: 3578

GET
H2 200 dc_oe=ChMImYb14eHR9AIVWLfeCh1CMQi6EAAYACD01opN;met=1;&timestamp=1638882695655;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 20E1 42 B
494 B 80ms
43ms Image
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImYb14eHR9AIVWLfeCh1CMQi6EAAYACD01opN;met=1;&timestamp=1638882695655;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyZH14eHR9AIVyLzeCh3hJQn5EAAYACCQn4xN;met=1;&timestamp=1638882695664;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A669 42 B
107 B 71ms
44ms Image
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyZH14eHR9AIVyLzeCh3hJQn5EAAYACCQn4xN;met=1;&timestamp=1638882695664;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 124 KB
125 KB 10ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f45ed83a45abaf7022fc875d71c8c1134096873bb61dd5d7c289e2bcc5b05972

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1488020-1615483

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27041
x-cache: Hit from cloudfront
Content-Range: bytes 1488020-1615483/51030908
Content-Length: 127464
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:33 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: w5X8nOjdZbZXgm0DqOU99kH1nikI2eleyJ3gJ1YpYmn0Xd9tp_fD_A==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: SFFL6bzvTEYhEqC56N-3bjx9mT1hstHWIUSuGDVI7zO4pkgtbJGflw==
age: 3580

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 101ms
101ms Image
image/gif 3.90.128.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=stripes.com&p=%2Ftheaters%2Feurope%2F2021-12-06%2Freport-russian-hackers-spying-efforts-3877293.html&u=CElGviDY6fr0TlXp&d=stripes.com&g=66270&g0=Europe&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7239&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1068&t=By-3nTD0PZW_CQgmptBI_8tz8PXO3&V=129&tz=0&sn=2&sv=tcBvrDg9pZxDHq9_LCm5MrExWE0B&sd=1&im=06530c4f&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.128.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-128-247.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.stripes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 13:11:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame 1F1A 0
316 B 118ms
117ms XHR
application/x-protobuf 3.13.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=141495
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.13.207.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-207-171.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Tue, 07 Dec 2021 13:11:37 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 206 health_02.ts Show response
content1.avantisvideo.com/hls/ 115 KB
116 KB 10ms
10ms XHR
video/mp2t 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2496aa638f66a863ebd182c7be17773ce6b49a01bd8f01e0d36a4c9a49a400b

Request headers

Referer: https://www.stripes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=1615484-1733547

Response headers

x-amz-version-id: gd0lwwHWU2K6vm0rqqESqiAqh30Wt7rh
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
etag: "2dbd2d15c46540090d64708d92c20063-3"
age: 27043
x-cache: Hit from cloudfront
Content-Range: bytes 1615484-1733547/51030908
Content-Length: 118064
last-modified: Mon, 30 Aug 2021 07:19:19 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:11:33 GMT
vary: Origin
access-control-allow-methods: GET
content-type: video/MP2T
access-control-allow-origin: https://www.stripes.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: mBU9jLM9SWn2d-9I3JentRsC4kVUqJe4aUOrmFML4pORs7NmYZ3wdA==

OPTIONS
H2 200 health_02.ts
content1.avantisvideo.com/hls/ Frame 0
0 7ms
7ms Preflight 2600:9000:223f:e800:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/health_02.ts?id=a061a13b-410d-4c16-a77a-13198232388c&tid=1&d=desktop&i=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://www.stripes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 07 Dec 2021 12:11:58 GMT
access-control-allow-origin: https://www.stripes.com
access-control-allow-methods: GET
access-control-allow-headers: range
access-control-allow-credentials: true
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: YS_XezCXGPeprtw6TnB281vaybXJk3xqmvNDYhr56Q_RSBSw4Y6L4A==
age: 3582

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.stripes.com/theaters/europe/2021-12-06	1970-01-20 00:19:30	Name: MCPopupReset Value: 1
www.stripes.com/theaters/europe/2021-12-06	1969-12-31 23:59:59	Name: ntvSession Value: {"id":5721249,"placementID":839427,"lastInteraction":1638882683285,"sessionStart":1638882683285,"sessionEndDate":1638921600000,"experiment":""}
www.stripes.com/	1970-01-20 08:43:30	Name: _cb_ls Value: 1
.simpli.fi/	1970-01-20 08:01:45	Name: suid Value: 5684C3F5E7A9424CB9A4580E163B4EA7
www.stripes.com/	1970-01-20 08:43:30	Name: _cb Value: CElGviDY6fr0TlXp
www.stripes.com/	1970-01-20 08:43:30	Name: _chartbeat2 Value: .1638882682673.1638882682673.1.tcBvrDg9pZxDHq9_LCm5MrExWE0B.1
www.stripes.com/	1970-01-19 23:14:44	Name: _cb_svref Value: null
www.stripes.com/	1970-01-20 08:44:57	Name: __atuvc Value: 1%7C49
www.stripes.com/	1970-01-19 23:14:44	Name: __atuvs Value: 61af5d7a826c1259000
.stripes.com/	1970-01-20 16:45:54	Name: _ga_S3BD5CQRB6 Value: GS1.1.1638882682.1.0.1638882682.0
.list-manage.com/	1970-01-20 08:00:18	Name: _abck Value: 0C54F4E5478F3D387B3BBD44B22CB00B~-1~YAAQtHp7XIu9yDR9AQAAsCcFlQc8MxgM9wqDziq1LKAoOzZm3n/1afFLO4Eskj3SBwyxSKDpByNwQlFavZh4gR3X5Rbi1o2wKv8SVOrUUb7az1msHXfHzExtn6ILNbNq8h/Cnyibr/4JfS0CoR0GwL+d36C2npphexQCXOJ65/7izTp2Va8HZz13S+HIYzCVTecrFim5kXj/8SUAfFi0MsK11r51mx7q+oN7CFAIUFsvhV9sbm6KKIJPVb+WBBnBSzmVMwtrNN48+Lhp1Ks7Gd4JZI8yyJjqpopAIrXsJiztoEoVlMcds4bzfut/ktELxAYieReZ5xyq5vlQQjIa3z+eNRG7TCyNyPkSLSAEJ/0L+nRo5ve5N4GKCRI5PCqc8g==~-1~-1~-1
.us2.list-manage.com/	1970-01-19 23:14:49	Name: ak_bmsc Value: 9BACF151D0DD342E4EEFC0D0F85861C9~000000000000000000000000000000~YAAQtHp7XIy9yDR9AQAAsCcFlQ72UoDBkjuZBtAjM7of0Ys/JmNQBoZ1pbR76iV3beJOydFXnO4o5OaY8b1rWgOGQCMwW/ZNatTupF5XimOHo9ZMi9zn42hP4jidDq1243vRc/gxVgHaMkKqSvO82Gd95TUlsDrw03TvRoHnE99eghLW20KaiA8FNu1Mq49qaom4lLovu35pR/lNiLHzZ+1mgxaqfWDjQp6Odiec5bxyBmPfusth8K2KZi4NxC2km+VG60EPC7d/Kf4HZ6bbSDknfvtkL7ZDbCkpvx28qe6wKW0HwpA1yGLfCKC78tIeW91JywmTo5X8aVEhOT/r8An47AoQJzJZk+JdDs1FKm2I50KW/IHPljhPG0BJmgX3qpHzMqhmQ6rdBxetGFjciUpj
.list-manage.com/	1970-01-19 23:14:57	Name: bm_sz Value: 989F2F8E8F12191C6166136071966880~YAAQtHp7XI29yDR9AQAAsCcFlQ6xGd4COPGv19pe7eKA+tn1YZRJBpBahLxvCS9in6fJt+0AXlJLp8QCvXwlyVtmPI8W9vAC8dlME9E+EPGLa//ao4KijNQSyevgyoR7SguzSRe+t8lWJEbmxzl4Xnv19XRBOgPbXfiCuEdlXp29hR2Tk+4GDK/gQptifzXNasJarus9SM83U7W88IxiMxjSqoq0SWhHAmYM1mGddm4H1TYdL6OAx93xJic7eNFsZZ8ebvfaz40y8y6JIf7AiixjzaMGmuSV0NM9U4ttPJfTz8d7JgDFpA==~3551812~3160375
www.stripes.com/	1970-01-20 08:00:18	Name: TRINITY_USER_DATA Value: eyJ1c2VySWRUUyI6MTYzODg4MjY4Mjg3OX0=
www.stripes.com/	1970-01-20 08:00:18	Name: TRINITY_USER_ID Value: 4e3293f1-f97f-48aa-bdc7-153301b03b3c
www.stripes.com/	1970-01-19 23:15:25	Name: stripesWindowshade Value: 1
.stripes.com/	1970-01-20 16:45:54	Name: _ga_TCBWEF5WWR Value: GS1.1.1638882682.1.0.1638882682.0
.addthis.com/	1970-01-20 08:44:57	Name: uvc Value: 1%7C49
trinitymedia.ai/	1970-01-19 23:24:47	Name: AWSALBCORS Value: k6wDzbe/pjW5dOfvn+cbNvWKkRbu01IbT7Dqj7kmZJ+j1V/QD0qeznpZebKmkvhE2jsPVXIGzBvDMA90jfERWj3UGBArchaOt5z9abWAeIDss167pMwb6LgvgNQF
.trinitymedia.ai/	1970-01-20 08:00:18	Name: AUID Value: 4e3293f1-f97f-48aa-bdc7-153301b03b3c
www.stripes.com/	1970-01-19 23:57:54	Name: _pbjs_userid_consent_data Value: 3524755945110770
.stripes.com/	1970-01-20 03:33:54	Name: _pubcid Value: 8940c637-347e-414c-955b-3a4750a7e6cd
.postrelease.com/	1970-01-20 08:00:18	Name: opt_out Value: 1
.stripes.com/	1970-01-20 16:45:54	Name: _ga Value: GA1.2.1111837929.1638882683
.stripes.com/	1970-01-19 23:16:09	Name: _gid Value: GA1.2.514063730.1638882683
.stripes.com/	1970-01-19 23:14:42	Name: _gat_gtag_UA_714126_1 Value: 1
.addthis.com/	1970-01-20 08:44:57	Name: loc Value: MDAwMDBFVURFUlAyMjkyMTg4NDAwMzAwMDBDSA==
.stripes.com/	1970-01-20 07:53:06	Name: pelcro.unique.id Value: a3h6NWRjMWh5aWt3dzRmbnMx
.stripes.com/	1970-01-19 23:57:54	Name: pelcro_count_of_articles_limit Value: 5
www.stripes.com/	1970-01-20 08:36:18	Name: cto_bidid Value: 1_nKz19wOU5jbG9GOUpFQWsycE1FZ1YzdTBBNjV1OGJGZXZWYllBRTFkZ2l4TG0zT2pGV1B3UTk5RWhlOGZFRnolMkJOVWxmZnBpQ1hWMHglMkJDbUdhZHNnTmh4QkElM0QlM0Q
www.stripes.com/	1970-01-20 08:36:18	Name: cto_bundle Value: 9IoWOV81WUd5SzdQeU5ubnJqR3dmWFMzS001MHBxQzM4NjNMNFlSSm1EbEElMkZXaHkwMlZzcTg4JTJGeVRPNnAwSCUyRlVoUUI1NlluRFlFV2FnYzhrb0w2T2JFYkdVa1FHQjgybE5leDBsYWtwVVQwNDlrUHJaaHJIN1lobkF6MWdjZTFzTkJaRg
.reddit.com/	1970-01-20 16:45:54	Name: csv Value: 2
.stripes.com/	1970-01-19 23:57:54	Name: pelcro.pageview.frequency Value: MQ==
.stripes.com/	1970-01-19 23:57:54	Name: pelcro_count_of_articles_read Value: 1
.stripes.com/	1970-01-19 23:57:54	Name: pelcro_count_of_articles_left Value: 4
.doubleclick.net/	1970-01-20 08:36:18	Name: IDE Value: AHWqTUkkvgSKQsZ6X3SfeK99wlce97snz5iOup5IKfevPCytVLHLLP0eypyRIFwUK1A
.stripes.com/	1970-01-20 08:36:18	Name: __gads Value: ID=6ba3738c85793b12:T=1638882683:S=ALNI_MZlYHLGcxSUN3a8O2u-yYWcmxi4Ng
www.stripes.com/	1970-01-19 23:14:46	Name: _lr_retry_request Value: true
www.stripes.com/	1970-01-19 23:57:54	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 08:00:18	Name: TDID Value: 51c07edd-7f3e-4c41-a77d-90f5e60cb85b
www.stripes.com/	1970-01-20 00:41:06	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2251c07edd-7f3e-4c41-a77d-90f5e60cb85b%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-07T13%3A11%3A25%22%7D
.stripes.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638969085225
.aniview.com/	1970-01-19 23:29:06	Name: aniC Value: 1638882685268-935392687883-006748-004-006714
.adnxs.com/	1970-01-20 01:24:18	Name: uuid2 Value: 8268148276647502419
.aniview.com/	1970-01-19 23:16:09	Name: 2_C_55 Value: 8268148276647502419
sync.aniview.com/	1970-01-19 23:16:09	Name: 2_C_55 Value: 8268148276647502419
.adnxs.com/	1970-01-20 01:24:18	Name: icu Value: ChgIwPVeEAoYASABKAEw_bq9jQY4AUABSAEQ_bq9jQYYAA..
.stripes.com/	1970-01-21 01:31:30	Name: _awl Value: 2.1638882685.0.4-97910e9e-2fc75a62ef51858486b8230be6eed145-6763652d6575726f70652d7765737431-61af5d7d-0
m.stripe.com/	1970-01-20 16:45:54	Name: m Value: 1f029f17-d68f-4139-8dd7-411dcb9429c3066147
.www.stripes.com/	1970-01-20 08:00:18	Name: __stripe_mid Value: beb42278-0379-437e-bec1-59af4e3c7550f3ade0
.www.stripes.com/	1970-01-19 23:14:44	Name: __stripe_sid Value: 5d85a8e2-59cd-411d-b06a-b28d45f28c5a6c547d

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html(Line 1532) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-europe&sz=6x1&c=3679297484&m=text/javascript, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.stripes.com/theaters/europe/2021-12-06/report-russian-hackers-spying-efforts-3877293.html(Line 1532) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pubads.g.doubleclick.net/gampad/adx?iu=/267968996/Stripes_Takeover&t=sitepage%3Dstripes-europe&sz=6x1&c=3679297484&m=text/javascript, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-location-prd.pelcro.com
api-public.addthis.com
api.rlcdn.com
assets.revcontent.com
avm.avantisvideo.com
capi.connatix.com
cd.connatix.com
cdn.avantisvideo.com
cdn.doubleverify.com
cdn.revcontent.com
cdn.teads.tv
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cds.connatix.com
content1.avantisvideo.com
delivery.trinityaudio.ai
depart.trinitymedia.ai
downloads.mailchimp.com
ebed345a622447be46a011e6e3b8c5d1.safeframe.googlesyndication.com
epub.stripes.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
gallery.mailchimp.com
go1.aniview.com
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
jadserve.postrelease.com
js.pelcro.com
js.stripe.com
m.addthis.com
m.stripe.com
m.stripe.network
mab.chartbeat.com
match.adsrvr.org
mc.us2.list-manage.com
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
platform.twitter.com
play.aniview.com
player.aniview.com
player.avplayer.com
pubads.g.doubleclick.net
q.stripe.com
s-jsonp.moatads.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
s8t.teads.tv
secure.adnxs.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
ssp.lkqd.net
static.adsafeprotected.com
static.avantisvideo.com
static.chartbeat.com
stats.g.doubleclick.net
sync.aniview.com
syndication.twitter.com
t.teads.tv
tag.simpli.fi
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-uw2.doubleverify.com
track1.aniview.com
trends.revcontent.com
trinitymedia.ai
unwieldyhealth.com
use.typekit.net
v1.addthisedge.com
vd.trinitymedia.ai
vid.connatix.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pelcro.com
www.reddit.com
www.stripes.com
z.moatads.com
s7.addthis.com
104.111.242.245
104.117.200.54
104.244.42.200
104.75.88.126
13.32.121.38
13.32.99.17
142.250.184.198
142.250.185.194
142.250.186.66
142.250.186.98
146.20.128.163
151.101.1.140
151.101.192.84
151.101.193.108
151.101.2.137
151.101.66.137
151.139.128.11
169.50.137.176
178.250.0.157
18.208.104.24
18.209.200.15
18.66.112.117
2.18.232.7
2.18.233.180
2.18.234.163
2.18.235.40
202.212.180.67
205.185.216.10
205.185.216.42
2600:1901:0:7a0b::
2600:9000:223c:4a00:c:b42a:3740:93a1
2600:9000:223e:3800:19:7d10:bd80:93a1
2600:9000:223e:a00:3:748e:7940:93a1
2600:9000:223f:7e00:8:48e:53c0:93a1
2600:9000:223f:c600:8:9ed9:9c40:93a1
2600:9000:223f:e800:1e:efeb:b400:93a1
2600:9000:2251:b000:1c:38a0:8a40:93a1
2600:9000:236e:4200:18:1fcd:34f:cdc1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:1a0b
2606:4700::6810:125e
2a00:1450:4001:801::2008
2a00:1450:4001:802::200a
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2006
2a00:1450:4001:813::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c0a::9a
2a02:2638::1c
2a02:26f0:6c00:191::26e5
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00:2b2::4469
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:bb21
2a04:4e42:600::714
3.13.207.171
3.217.20.60
3.226.53.204
3.33.168.159
3.33.220.150
3.90.128.247
34.117.158.252
34.120.133.55
34.209.192.116
34.225.64.38
34.96.122.219
35.158.176.54
35.190.64.11
37.252.172.37
37.252.173.215
44.237.19.66
52.30.14.23
52.31.239.78
54.186.23.98
00479816b3ec247bebe149cc083fb40db68e7c3bae96998c67d0dd666d509c63
00694c22b65462919f7067f79231cc2d916f31c0276c2cf521ed5d9fca9392df
0153c23b3503ea89e8fc34545e19d00b143c930080bf867e6f97b283ddacbeb4
0367166c171106ad6e8850d5499f3d5eeca25ad692c97a111045c07dddefa25e
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0641c5c4150eec9082db44493a7168d300718a478e28b628c37f766b2bf83aa4
06d35a9ff5c57d6b6a4175f5c8cd4fe62db29f6217f8aa695ee6a19d404a3bf4
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
0adba3a8e675d262942cd7c59f61fa77dac5f4208ec40f4ea8c371fe23de681a
0aec59c0803f49421ffcc6011dc42f89fc1b8f08d525116f1a348b25f362c942
0b4dbf5d904ef13252152a0f974a51fc4f89255095a326355797cb2b23c556aa
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bec30fdc58f653275abe6e090a89e9ba89c52e8d20a66da1d4a14bb33a1b19c
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c3fbb91b2db13e2287e3249a1995fb9da88c5e91d9c9179cb398f5154366383
0c578fe47dc81146a283d515b718d33948068d936d7df6e09a15c90b26078a21
0cea5263a3b6819b999123c15a2416b808c1c34d24435cb19c7fba696cf4a3c9
0dcf07542306051cfa16bd73fcddc2dc4ee540b58964ba08b9e62065f34214e0
0f1819026c806a90d255de37b5dcbaa697ebe215f13dfbe3c11466846de16c60
10add97dc2a4d798e3d719acdb6a46666242b8e829637284c585985bea9eb7ed
12472d519f16267c34711bf5c57f6b0d6f3562a293e52ead11a10a350b0279c6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129f1bdf202d3fe70065aa13e821201cd22e8d4088d4dee3d13ad71b5f903b7a
12e0e408d6cec5d5bfebec26fc6a20d3d3e1574a1673ce67a244fe6894cf51bb
13fe1f6b84ca309a854ef287a4954807afad92d40af592c40eea81501ee54a83
1427a6a628bcd74ac46fef27108bc9d36b79f338e7d005c48e4e96b3a6b34b18
1482386e18d9fcf975374afc941b1474ce955d3c54c37e97a9c01d284b68ec9d
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
16609c12f69ed700ff53d78ba83431e625aa789558b34455b29a36b5c0d2738f
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1a7ecc510a27a3c2d4c537d1034599cc9813b9ae7651d9b521fae4e78db5ce40
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1de247a80c68ee0c81d7dc38982eca90e34e4dd39d9a1ce6a83a5ca5241fb336
1f2f2e8ecf31220f9de33de2e9bfe120e8dd28b838c8412a60af5421537503a0
1f6d6747a20379285899eb273e878ce5e180fc9e8aa5463c5b00989f23a1beb4
211a6f84f22cff8ed0193803dad803916830273dadceb7b48a847554fb3bf1aa
219d55b0a442e35619d798a9cb86c13c8d266a52b7d57da0454b9fcaff4ba0a5
21eb6119029f2c6a6bada03dc288b036f90a33d21d54484c9f3b1934e695e07b
22f285b13c847acfae37b653367aec4453e570bd7d61158422db8cb1c792b3de
24ddd1e58048b259e6deeae98b02422179691006cdb65caeb236b7f4cf968278
259850f83e3a24cba1fea6a790b7658c126095659447a8d01f30dba16b7bb727
26a3448b13492179a8982952c2efcda0e7df69fc7eb55a36867f506941b88c93
26c48516c152ae0905611bb47e85fd5aded8f9a5c69e1b928425a0dae94f5bcc
272a612f7fcefd5b1292d2b642a9a252c57ee1b6c97cdfaad321eecca2466dce
2764e65feb56d8e9f9051368a0e0ee9daf5263f1786adb335834fbd83889c22d
28a60f54b774bf33169679db4aa42ac5715a9e3e703a47420a1c9afcc7781f75
2956f7b2aef18a4a79ac487f3a1d70cebc1a8a4352f7460b1048ec66e5028ad3
2a5bd42df0226330e4a8f965446c7d5536a11c166ac0472f47ce9948379b1470
2e9d0cd57cae1ca5650a4b2b35286cc9a8480893ca830b0013e4b0e9e862b2ac
2f4629aee73fb98ef3be17dc61010858661ca7a569706ae546916ddbb29163a2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34dc1dfc7400857ee8bb0abb46d0662735c6c4b26b91b88d076e7537e22504cb
357c24ee82b8e6df696606bdbea8d008fd4dbe0cfe754915fcb419a3bd653e2f
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a89c40879918408b90c17560df0580a86a247e34e63da3475464d2e2294924d
3b0ef0bd525bcff611dc01476da691b03557ef78c1ba0d4c32cfed1dcc9afda4
3d396c4d9cb7175c15080c9f60c5af11eace9815f2a39cabdc3b2679df39b2d8
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3d644c93265abc15185cf5accc1ce3a9f111642674bee3eef1fed1374ea3b127
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3cd4238bdd3dcd7e0710d584323a16a922ca222a7f6c632a3b4c45aaac3aca
3e52eb23477a407a5206fe459e5bac03ac80ba94bf7505f50cc6db89bef5fece
3eb386e21eb5583a5f003aeb5409c0d15c44cdffb9a81c756ab77f9a9e5980ef
3ed7ad3f32ca302fe2a749b9730b721b673342f49ee583c6c03d3efc11847cde
3ef9701cd1606f758c50b500bc84712fa4dc3d1462c532ff314705d1ae934ea7
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432fe9d967d439d9f3fb4a499593238d4039491c1509a2d40fa182b3e19d98be
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
436a16ee0cec77e60f40d2183ffe0a550a673f36ed9cd338183d2ec512c7113a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4439189361722f9cbe741de6fdbf4462efcfe252b9e62014e81c90d5f9632349
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
45b60c9ae048b78a11d296a37e770b2748a26c5c00e0cea78607964758f50fa8
4626dccb8747ff64346699e33c67adb5e1b21fbe94f82c7d51e03ada3a183c68
46f975127b0271949b852ac0000962cad7abd905b7c3823fb9e95fd705db3ea3
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
494f22d40034ec300048cce1fb5f7c55b33ff0d0bda515601c1ab09103d301fb
49692e53747b1183fcd9e7ab01b98d190fd42907cf43dd7e66327cf6c63a3039
4aae0b41c685d3426d09cbdb9e5d9587f05934c478b0d27a48d9bed12853d09d
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4f009bb37f58e77fd17b19201645f0d9b4a3bda5f5cd02ce426b1824eada501a
4f5210b63799c504ea7499a6d11733c9848fcc115a661c784059611d07d5de08
4fc4cdb550632e27aececdd3178327f642f0f76654c2ebefa48f436e1310138c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510e6b176fac7f9500c599078eeed7cf9a0e11982f5df02e35e0a452e02a543f
52eb21a7e4d89723323c12600b97756f4eb4943742d8930022d758817af4d1cd
53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b
545e6c6766ef438509eac05b9ee5165b7be7ad145178ccce6517c3a31d171c52
555818d8877676d953f04b982d8d9394c886b824332642a15473480f3baf5a8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567a147a21b26a9bff5cb8788c1ba174a117ba7b2df01eb070f5244df8207a0e
578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18
594c78bda3126ce363abbe3cea4ade221a042406e6961f7cc6e57d82ae5e15bc
59abb01bcc4d554adcc6ce3dcecddacfce19378cefe8fb3037c04298167d3dbf
59ba60596a51fcd5f9dfed3a4cf796227c8b0e416e6ddabc96e37cfb0c7df49e
5b449bb3cc11943da514b524c226336a8589f6526f9fa7face87e91a4b4d34fb
5b9a694df5c1ca8937592d3ad5a9887983915500a1556178818006785adcf95b
5be78f9711358eb39e1fa7d347f887bcfad31c2b075e950546104ce2a9d8c21c
5f671f08f9fb9359472f84a258dfbf3b6345842b2a694e9f76ea8f728db788c8
5f7962f7f059b8001253ba4605733651fc005676b8e7ffc7b9ac5a6ded16ff1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e9a0d0147f7293806755528e5777e0a138386a9020049c039cb2735b80d613
640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac
6610f6e5ebf811f47e5c53f5f536df0e8f431dc31af4618cd5c0e53ef5443374
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6903418cd2cda134ffc4048149352b8d5cb27928117a0d204ea27e73e448f48f
6933126c960f29b96062ee13ff114dc584eb622a9e8ecb3502443d03eb87c810
69a88a33fdea90a38d7828fdbb0c8f0ac76482ac46e6d972aad595cfab379fce
6a0ef17d1f622d95f9fccc4cc003db9d30972661467b2d28d4d6919128ac6222
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6df177f09bbe0f57f3bd1a71b5036d102a11024a94aa97de623feb116515e493
6ed1a215eecd0157174987e302a5f4e1f6a5d1cd7f384608c4e6e8f5cd535ff1
6f084fa4ecbadf7b5887620d8b44f6149f59af100727265daa8d15894e90a44b
6f2dd9d0ab5064cfba034ce6b9c29ad004ce7848a2b98a23e74599bd47756617
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73c5c079e730facbcbb0e099dae321c6dcaaa1076f51afa9899d7a745c13a0c8
748fe8dc5f2043d62d37972f073120ce15f66102dd213bbc140ee71f1218fed4
7537c0d704d7f0d6b79f06f3335e189f39168ef66c0aafe0f4b4643b6143c924
786608e1d8ab9470008057634c4724717661f6f23c71299952812c80a0d195b9
788aadc7cd7dcb8015b608986e7855f5f5b3251b108ed9f9eba5ff41eb6ca767
7a83efe84bdfdeb0653959f607fea3ddce41f4265c73028cc8bfeb61125e1adf
7b5a6c2327ddb59d4323e1159dca0f60b36fd0d53a37311361d562cdfefde34e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b8100025a6d492ac82579830ad0951e275ab2963c29327f70704611c3f31376
7c65b00e5d831ccbe1bf42e38e82c3b193a35cdfab03f6471c1e8e68cd12a3a7
7df648eb8dcd2ab8a07798dfae0448842682b16253a4d348be5fa47a956da8c2
7f347580a7b031cfa6fc35eb046691b615875a9a791e75be3e39b821949ea600
7f7a2dc8aba3c3e447f512c5db932f05241c1441b2188d87abf759b1a85295c2
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e
81f77540f9fb96f52e36215319719de4ee6a8eed355deafe4fa2282ff8256697
82efcbedf38ab3e14509e9fd78267e876d4b9b0c3bc355e5f2ec7676cd570738
84643b7ec7363a7ac96daf9ae8a186ef3051abdcd320c79d07e5741115a0138c
859956b49fd05ca9e088fe73e70bc263e0ea5329c2884baee595d146cf33070a
86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2
87aa4dcf6160f0e2083c260799c9abc73062e0fdf4568a038c6274100ff5070c
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
87bef7a775e345b65d1d933586a87a9b88b26ba7d0fd7185d78690305978e2f8
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89556695a6b9f47aa18b0394c334f2cc76751d675e101f9343d6e193a716bf22
8aeb418f8fdd25f7f6b4d2e011b906de388771b44dbd16d3d28882872a8ac6a9
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58
8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e5d4a249423ce6b1d1f789ebf8c5f52ae355415bdea128b80ed0d000b472c1a
8eba40f39772c493ecc0fd53cdd43d1f5dffc562d3436c55763d70bc82280a58
90662e93c28e80af3190c38906686ddeef7e606303c972302a86a89a0d70509a
90b69c5f7668353e1ae5d266dba1f8a4b2dbbb254b6a2cf6e5b2d91381a714eb
92571a8ee603b82a9995106eca9ecbd32136d179cd51b3dae1346f75c9f9a1be
9263db8840af36ebabeca464a88d201ad11591a2b7a3a3f15c2a873fc36e2fb8
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
953f38645d8667c037f64cc00cc5f39b335719014a5c4b1d6317961c9f79cbae
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9ad8413a178fc05c02c83169c8dd8fef2eba77e0e6c2a99a71a823e8a7afef10
9b584ede4308a67b5c89b40c3a843abf6a50797c36dcdaaf99f56f2ae4d1ea28
9b6de5be00a9f67352506c451ef00f23076e270bfce315491b9ddae8f072fa21
9cb15bd9f312dbf5983171b237aed3e857c78828c9617b9ec7ab586da4dee5af
9ce64f411c03d71f1998fc920980b74b51ab42670d1aac8c0b6017cf041e5c8c
9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e08d748ad1f6634e1a9d67cae1450a74baf516fe980627bf4372922da978eb3
a00389c7a6b84dfdd76dace7ad7de6af4e57fc3dcb7a3a9ae49ebcab27486c6d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a090ab7df6161fa67c307f4aa50667bf976b80226dada40fdfaedbcb007922ca
a0d95a84f7330ced9452b5bda7f2fadeb8f6ee505f6334972ef0812b484c6653
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a269fb78e485537faa03fc97623ac40f73045e9bb3bbdffe99f791e2c42388c7
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a3047b6acf0c2384e67db5839544faaf6f593ff62ced8d38d418d63650cf767a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6abb6455f3426c3d92b639f890f55057381227889c0b6d5648d8698a4842d15
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b96aae8e27bf932c36b6d28d81ff38091c23b43165c59da9272dc3d0eda219
a995e987ced454f9eef260cc88c42417619a2d043edceec971eeb8c7a0760c94
a9ea961f8e82970a5b4424be715ff788e75a0178f5dd9112dc33ee60a6393fdd
abdf35269b8e8f726d2a7f79d31a8323212d7b48f10bacc3632ae5334531922e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
add8ad5f27d28f9ff3cb71641a6890b5431da4deca36a28e633ad1dbbaa0aff1
ae5f478837031e705c3b4542b833f76979fcd122da5be00bc8e483e65ffb774c
af43ea4c564c18bf2c64d2c4aa030a083c82a68ad9a07ba5b3d9f74edd2262c7
b110085568edfe15a234de5f8bda3a838be46dfeaea429c9be7abb483c2a08b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b214dd816be55213fb9ebacc212f8850dfb4c5515bba44aaec5823e58a68f2d8
b478c10c6b0f33076779e7a5097423bccc8bef9943ba85f9fe6270c311d02379
b581d1bdfa05cb424c99f7d8c429c40c1260969e39fde3b222d449b8eef5ce2c
b5aa811f81d526046d5d3073a8adfa93f2db84842567ea2d9e38ec1c939b2b4a
b66de84a754ca07ce6dc6936fc3ee8c8a8c8046a3258d46bf83876eb286634e4
b7e48c138e4a89704f115dce26161a11723921358d5021fd40095c1463f62d25
b823703c1c406ba9194770537d6508f5883557ca0451ca4bbfc53bbed374cb01
b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6
ba28e784afbb6f3a0c6a7154de0a12c268dd2c58949beea2bee3312763763aae
bba83db30e7719c593bb4546227f24de4a2532f42e90be0b7a8175987e4c92b3
bdb6dd8465fd5560ef645c52f66d55c4a37eced99a342be814b9e473564e47e9
beb708126effaa6d24be5caa1736fe0caad6775e8ae88630af8a489d9effff4e
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
c001b85563f7a75482f05747a96b7698950a51aece4c3e52dcddd2275a4368de
c0346b42f60e2810e08ab51f2d507c4a1e5347a756c1bcf0c7432524bfd0d829
c052f4a657197e8082e23174f1c0fdb09c90a1fc7ddef0128a6ece11ac128674
c263104b538a4ee08d885431b5f576e8ff68e9ce2d57df821c8e6bb917bfc159
c28538ecd935a02cfe6a710b9d5222934f7d089617d6946da5ac2d28eecf4403
c3d78ae222f2cdf9c08f1ee05ebca73903c7bf21cb21e45a76dbfc9ce830474a
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123
c638ddbf6cd3019073fd3a9bb98bcc425e085c7e100ab65d11a6b12030f7e43d
c658ff53576fc6aaddd37277f911c657dea0ea05d273c7c5656031faa04a31dc
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c6e73dfccc73993c0049628cde8275d770a65a7db1e91cb51e22e19471163e4c
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc201502f62f6c6ccdb2fd3a50ac49cd874555166d3468f93024c100f8d3ae86
ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a
ce93b3a64826022a059b137e8f50a878f5dcded0d5af4e883fc6feb4d62cbf7e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9d599e3d464982f7391d7d522371ff79896920ff8b2641491a9455027f0674
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d22b82ea285890ccc7f07c9d088ee0b8dfce954a7ba6edee0aa172ebb008aba5
d25cf1328a0760adaf95e35a9278df7a085c9c0a821faa05a75d7a3e482f7ed3
d4903dd620e413c6ea166611db7586c9cb2e7d1a557c98053e8c99537a5f18fc
d6dc054a28708eb11029e0e0b59ddc34bd10271218d245285504b0e8ab661dae
d8452fdd481bf78482c9705a70bb7dc2bce13ca314da1ea6bf424090ff870385
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8c0f8670d4b8ae17e7b6445a625277bf99bd73f0a3c659526b6bf7ffa64f2af
d8eae99f8d3991899f01edc638dee12b8d9d2c8e9865bdb0c87b7562af18d071
da258b81d3df5f07743d1dff543d2654c1a25d8d416848af80201c23ab1688b6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da756438a59e52da1ab54dd8d5d602e8770c4f7e021df212c2d89ba563199719
dd556a1812337610f3da1a08917dcb5e46b7eca3cf2323db0c2d35d2d2b3ea3b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e03d8a32efb91836728a13084ae4ee78473f966d254bcf5d21a9dbd58aa54f5f
e04f3b9d50e443c95c8281bc378b5d77e0fe34983c1cee69e36bcc76b74abd42
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2496aa638f66a863ebd182c7be17773ce6b49a01bd8f01e0d36a4c9a49a400b
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b4455f80bbefc4ce584b3f9866d5510cc64f918c075d963320b84a99040235
e60582034f65d16de4f819915890368c95457aaa31fcc4359db38ca0463890ee
e6ce5197db5123b87ba8a4fc98c52f1eea1067ff626f1632ef7eafbf8222a97b
e9953887eb310250b15b622eb85aa87fe1868db9cd86bcd09f4c9b71c345fdc4
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb542e09f2d9f06b3dd88bc530c3178861172de5a32b8163e325dcfbfe8cb38a
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ed838fb7bff02044f6fac6255ee96e585e9262f980074d4c5124e037c7560461
edc12abf1994f114076a7cf6f31e8bde918411918b5c5012feec44a51c8f8a64
edc2fb6603f1299fb85244d8a40ec6fbf764d3a7cf74e50e6b66e2df487ace61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6f7d3912d8e7201c7df80b3d632ae03a1944cc1b3a47e7d9aea57eda3c461
f10c2ef28bc741f9ffd0a2eb720cc51407d45e6c6b4c5897cbc742ff9a8d590a
f1e25a67c85672b425315d6418b881db426ea8fe7b103f0f32dfa7bde1953472
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f45ed83a45abaf7022fc875d71c8c1134096873bb61dd5d7c289e2bcc5b05972
f5024c8562f3a22835ff37215291695e61389d804a4e2ca943eece13960daeca
f7d19c199b4e9fa542baf4ee994781715578150dd4187dad56697f694418cbc9
f8e49947d3547dba3e5bf18c2cefcc2dda7ff5f714e52f398b97d84887d1c586
fb04024ab169cf57783a1abece7096b4e90903a33bcc9a34e12f29fc3d921f6d
fc48fa75e215803fc749570d1080a8d0b1f0f42549720b1953f096ef342873ac
fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376
fcfae5623bd5f8b47ad998684ef0c9230258a6415a9fe3699dfb44601a6b557c
fe31c3672f7d2135a661367f3114cc9e37a60eb368f0f1032c8f8f4cf80efcc4

www.stripes.com Open in urlscan Pro 3.33.168.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

411 Requests

97 %HTTPS

43 %IPv6

48 Domains

96 Subdomains

84 IPs

6 Countries

9545 kBTransfer

21357 kBSize

51 Cookies

62 Outgoing links

Redirected requests

411 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.stripes.com Open in urlscan Pro
3.33.168.159 Public Scan

Screenshot
Live screenshot

Full Image

411
Requests

97 %
HTTPS

43 %
IPv6

48
Domains

96
Subdomains

84
IPs

6
Countries

9545 kB
Transfer

21357 kB
Size

51
Cookies

411 HTTP transactions
8 data transactions