urlscan.io logo urlscan.io
SecurityTrails logo

tr.novaya-pesn.com Open in urlscan Pro
172.67.200.59  Public Scan

Go To Rescan Add Verdict Report
URL: https://tr.novaya-pesn.com/actors-and-187
Submission: On November 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 12 countries across 91 domains to perform 351 HTTP transactions. The main IP is 172.67.200.59, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr.novaya-pesn.com.
TLS certificate: Issued by E1 on October 23rd 2023. Valid for: 3 months.
This is the only time tr.novaya-pesn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 172.67.200.59 13335 (CLOUDFLAR...)
3 104.16.89.20 13335 (CLOUDFLAR...)
1 23.45.238.53 16625 (AKAMAI-AS)
4 151.101.65.195 54113 (FASTLY)
1 104.21.66.155 13335 (CLOUDFLAR...)
2 18.66.147.27 16509 (AMAZON-02)
12 46.4.104.244 24940 (HETZNER-AS)
4 8 87.250.251.119 208398 (TELETECH)
4 142.250.185.91 15169 (GOOGLE)
5 142.250.186.162 15169 (GOOGLE)
2 65.9.66.38 16509 (AMAZON-02)
22 104.19.129.76 13335 (CLOUDFLAR...)
2 104.26.9.169 13335 (CLOUDFLAR...)
2 185.184.8.90 204995 (RTB-HOUSE...)
6 51.89.9.251 16276 (OVH)
2 145.40.97.67 54825 (PACKET)
2 63.215.202.178 41041 (VCLK-EU-SE)
7 17 37.252.171.53 29990 (ASN-APPNEX)
2 185.64.189.112 62713 (AS-PUBMATIC)
3 6 37.157.6.243 198622 (ADFORM)
14 104.22.36.96 13335 (CLOUDFLAR...)
4 212.77.99.29 12827 (WIRTUALNA...)
2 178.250.1.8 44788 (ASN-CRITE...)
2 149.202.23.16 16276 (OVH)
1 104.18.23.145 13335 (CLOUDFLAR...)
14 87.98.236.115 16276 (OVH)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 178.250.1.3 44788 (ASN-CRITE...)
3 104.22.52.86 13335 (CLOUDFLAR...)
1 18.66.129.71 16509 (AMAZON-02)
1 65.9.66.97 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 34.95.69.49 396982 (GOOGLE-CL...)
6 142.250.186.98 15169 (GOOGLE)
1 142.250.185.225 15169 (GOOGLE)
4 142.250.185.202 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 34.250.99.225 16509 (AMAZON-02)
6 178.250.1.11 44788 (ASN-CRITE...)
5 141.95.98.64 16276 (OVH)
3 142.250.185.193 15169 (GOOGLE)
19 104.19.132.76 13335 (CLOUDFLAR...)
5 104.18.41.127 13335 (CLOUDFLAR...)
6 23.35.232.201 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 142.250.185.164 15169 (GOOGLE)
2 172.217.18.14 15169 (GOOGLE)
2 172.217.18.8 15169 (GOOGLE)
1 172.217.18.6 15169 (GOOGLE)
1 173.194.76.156 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
7 15.197.193.217 16509 (AMAZON-02)
2 23.35.232.188 16625 (AKAMAI-AS)
2 212.77.98.32 12827 (WIRTUALNA...)
1 4 198.47.127.19 3257 (GTT-BACKB...)
1 185.29.132.241 30419 (MEDIAMATH...)
5 5 178.250.1.9 44788 (ASN-CRITE...)
9 185.64.191.210 62713 (AS-PUBMATIC)
1 2 67.220.226.233 16509 (AMAZON-02)
1 1 91.228.74.168 16509 (AMAZON-02)
8 198.47.127.205 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 52.72.41.189 14618 (AMAZON-AES)
5 7 3.121.8.101 16509 (AMAZON-02)
1 1 18.158.152.62 16509 (AMAZON-02)
5 5 34.251.217.8 16509 (AMAZON-02)
13 15 142.250.185.98 15169 (GOOGLE)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.138.152 201081 (SMARTADSE...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.211.237.14 16509 (AMAZON-02)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
3 3 3.75.62.37 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
2 4 108.128.113.218 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
4 4 64.158.223.137 41041 (VCLK-EU-SE)
1 1 46.228.164.11 56396 (AMOBEE)
2 216.52.2.48 30282 (AS-INAPCD...)
4 4 172.240.127.131 7979 (SERVERS-COM)
2 3.125.27.82 16509 (AMAZON-02)
2 2 18.209.71.169 14618 (AMAZON-AES)
2 13.32.27.108 16509 (AMAZON-02)
8 77.245.57.72 36057 (WEBAIR-IN...)
6 18 13.248.245.213 16509 (AMAZON-02)
4 13 172.64.151.101 13335 (CLOUDFLAR...)
2 54.172.246.175 14618 (AMAZON-AES)
2 2 46.228.174.117 56396 (AMOBEE)
2 13.107.42.14 8068 (MICROSOFT...)
2 2 35.210.239.72 19527 (GOOGLE-2)
2 52.46.128.147 16509 (AMAZON-02)
5 6 34.196.92.141 14618 (AMAZON-AES)
1 18.207.169.236 ()
2 2 3.69.152.80 16509 (AMAZON-02)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 154.57.158.26 26558 (FREEWHEEL)
1 172.67.74.129 13335 (CLOUDFLAR...)
1 35.186.193.173 ()
2 2 213.155.156.185 ()
1 195.5.165.20 ()
1 23.88.86.2 ()
1 1 141.94.171.216 ()
351 83
29    172.67.200.59 (United States)

ASN13335 (CLOUDFLARENET, US)
tr.novaya-pesn.com
novaya-pesn.com
a.novaya-pesn.com
3    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.45.238.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com
s7.addthis.com
4    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
1    104.21.66.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dr5.biz
2    18.66.147.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-27.fra60.r.cloudfront.net
get.optad360.io
12    46.4.104.244 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
www.bigmp3db.com
8    87.250.251.119 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
4    142.250.185.91 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f27.1e100.net
storage.googleapis.com
5    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
2    65.9.66.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-38.fra56.r.cloudfront.net
cdn.optad360.net
22    104.19.129.76 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
6    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    63.215.202.178 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams05-convex-float1.dotomi.com
web.hb.ad.cpe.dotomi.com
17    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
dmp.adform.net
c1.adform.net
14    104.22.36.96 (None, )

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
4    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    149.202.23.16 (France)

ASN16276 (OVH, FR)
PTR: vh11.eris-i.of.pl
video.onnetwork.tv
1    104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
14    87.98.236.115 (Wroclaw, Poland)

ASN16276 (OVH, FR)
PTR: vh11c.eris-w26.of.pl
cdn.onnetwork.tv
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    18.66.129.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-129-71.fra60.r.cloudfront.net
cdn.prod.uidapi.com
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
6    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com
4    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
imasdk.googleapis.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
6    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
lb.eu-1-id5-sync.com
3    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
tpc.googlesyndication.com
19    104.19.132.76 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
5    104.18.41.127 (None, )

ASN13335 (CLOUDFLARENET, US)
cl.imghosts.com
6    23.35.232.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-232-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
1    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
2    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net
www.google-analytics.com
2    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net
www.googletagmanager.com
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
s0.2mdn.net
1    173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    23.35.232.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-232-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wpcdn.pl
std.wpcdn.pl
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    67.220.226.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    52.72.41.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-41-189.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    3.121.8.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    18.158.152.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-152-62.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
5    34.251.217.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-217-8.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
15    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.211.237.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-237-14.eu-west-1.compute.amazonaws.com
a.audrte.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    108.128.113.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-113-218.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    172.240.127.131 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    3.125.27.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    18.209.71.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-71-169.compute-1.amazonaws.com
ssp.disqus.com
2    13.32.27.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-108.fra56.r.cloudfront.net
s.ad.smaato.net
8    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
18    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
13    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    54.172.246.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-246-175.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    34.196.92.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-92-141.compute-1.amazonaws.com
i.liadm.com
1    18.207.169.236 (None, )

ASN- ()
i6.liadm.com
2    3.69.152.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-152-80.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    154.57.158.26 (Amsterdam, Netherlands)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
2    213.155.156.185 (None, )

ASN- ()
d5p.de17a.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    23.88.86.2 (None, )

ASN- ()
matching.truffle.bid
1    141.94.171.216 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
41 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8705
c.mgid.com — Cisco Umbrella Rank: 6710
cdn.mgid.com — Cisco Umbrella Rank: 11457
servicer.mgid.com — Cisco Umbrella Rank: 8714
s-img.mgid.com — Cisco Umbrella Rank: 8620
cm.mgid.com — Cisco Umbrella Rank: 1536
663 KB
31 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
115 KB
29 novaya-pesn.com
tr.novaya-pesn.com
novaya-pesn.com
a.novaya-pesn.com
1 MB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
170 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
46 KB
18 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
9 KB
16 onnetwork.tv
video.onnetwork.tv — Cisco Umbrella Rank: 42925
cdn.onnetwork.tv — Cisco Umbrella Rank: 40013
153 KB
14 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 17259
sync.quantumdex.io — Cisco Umbrella Rank: 3327
3 KB
13 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
7 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
dis.criteo.com — Cisco Umbrella Rank: 597
16 KB
12 bigmp3db.com
www.bigmp3db.com
22 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
70 KB
8 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
1 KB
8 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 409
imasdk.googleapis.com — Cisco Umbrella Rank: 447
639 KB
7 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com
4 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
104 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4418
dmp.adform.net — Cisco Umbrella Rank: 3509
c1.adform.net — Cisco Umbrella Rank: 599
4 KB
6 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3773
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
2 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
829 B
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
5 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 11295
1 MB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8755
3 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
3 KB
4 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 9602
927 B
4 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 619242
27 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27893
898 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
688 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
12 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
72 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7332
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
2 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4034
71 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
4 KB
2 de17a.com
d5p.de17a.com
562 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
282 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
994 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
387 B
2 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
735 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
486 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
565 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
554 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 10519
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
132 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
410 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
26 KB
2 optad360.net
cdn.optad360.net — Cisco Umbrella Rank: 59248
6 KB
2 optad360.io
get.optad360.io — Cisco Umbrella Rank: 36330
227 KB
1 truffle.bid
matching.truffle.bid
1 onaudience.com
pixel-eu.onaudience.com Failed
pixel.onaudience.com
419 B
1 iprom.net
core.iprom.net
280 B
1 ctnsnet.com
ipac.ctnsnet.com
360 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
654 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
187 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
554 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
792 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
961 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
346 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
592 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
443 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
278 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
45 KB
1 dr5.biz
dr5.biz
8 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3240
359 B
0 semasio.net Failed
uipglob.semasio.net Failed
0 zeotap.com Failed
mwzeom.zeotap.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 loopme.me Failed
csync.loopme.me Failed
351 91
Domain Requested by
23 a.novaya-pesn.com tr.novaya-pesn.com
19 s-img.mgid.com
18 eb2.3lift.com 6 redirects sync.quantumdex.io
eb2.3lift.com
17 ib.adnxs.com 7 redirects get.optad360.io
acdn.adnxs.com
eb2.3lift.com
15 cm.g.doubleclick.net 13 redirects eb2.3lift.com
14 cdn.onnetwork.tv video.onnetwork.tv
cdn.onnetwork.tv
tr.novaya-pesn.com
12 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
12 www.bigmp3db.com tr.novaya-pesn.com
www.bigmp3db.com
9 simage2.pubmatic.com ads.pubmatic.com
8 sync.adkernel.com sync.quantumdex.io
8 image2.pubmatic.com ads.pubmatic.com
8 cdn.mgid.com jsc.mgid.com
7 x.bidswitch.net 5 redirects eb2.3lift.com
7 match.adsrvr.org get.optad360.io
ads.pubmatic.com
eb2.3lift.com
ssum-sec.casalemedia.com
7 jsc.mgid.com www.bigmp3db.com
jsc.mgid.com
6 i.liadm.com 5 redirects ssum-sec.casalemedia.com
6 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com 2 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
6 ads.pubmatic.com jsc.mgid.com
get.optad360.io
ads.pubmatic.com
sync.quantumdex.io
6 gum.criteo.com static.criteo.net
gum.criteo.com
get.optad360.io
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
6 onetag-sys.com get.optad360.io
sync.quantumdex.io
5 match.prod.bidr.io 5 redirects
5 dis.criteo.com 5 redirects
5 cl.imghosts.com
5 mc.yandex.com 3 redirects
5 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
imasdk.googleapis.com
4 ads.betweendigital.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 servicer.mgid.com jsc.mgid.com
4 id5-sync.com cdn.id5-sync.com
sync.quantumdex.io
4 imasdk.googleapis.com tr.novaya-pesn.com
imasdk.googleapis.com
4 ssp.wp.pl get.optad360.io
4 storage.googleapis.com cdn.zx-adnet.com
4 cdn.zx-adnet.com tr.novaya-pesn.com
cdn.zx-adnet.com
4 novaya-pesn.com tr.novaya-pesn.com
novaya-pesn.com
3 ups.analytics.yahoo.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 cdn.id5-sync.com securepubads.g.doubleclick.net
jsc.mgid.com
3 static.criteo.net securepubads.g.doubleclick.net
get.optad360.io
static.criteo.net
3 mc.yandex.ru 1 redirects tr.novaya-pesn.com
3 cdn.jsdelivr.net tr.novaya-pesn.com
get.optad360.io
securepubads.g.doubleclick.net
2 d5p.de17a.com 2 redirects
2 p.rfihub.com 2 redirects
2 pm.w55c.net 2 redirects
2 casale-match.dotomi.com 2 redirects
2 s.amazon-adsystem.com ssum-sec.casalemedia.com
2 u.ipw.metadsp.co.uk 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 sync.1rx.io 2 redirects
2 cs-server-s2s.yellowblue.io sync.quantumdex.io
2 s.ad.smaato.net sync.quantumdex.io
2 ssp.disqus.com 2 redirects
2 match.sharethrough.com sync.quantumdex.io
2 ap.lijit.com sync.quantumdex.io
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 std.wpcdn.pl ssp.wp.pl
2 acdn.adnxs.com get.optad360.io
2 www.googletagmanager.com cdn.onnetwork.tv
www.googletagmanager.com
2 www.google-analytics.com cdn.onnetwork.tv
www.google-analytics.com
2 cm.mgid.com jsc.mgid.com
2 oajs.openx.net 1 redirects
2 i.clean.gg cadmus.script.ac
2 video.onnetwork.tv get.optad360.io
cdn.onnetwork.tv
2 bidder.criteo.com get.optad360.io
2 useast.quantumdex.io get.optad360.io
2 adx.adform.net get.optad360.io
2 hbopenbid.pubmatic.com get.optad360.io
2 web.hb.ad.cpe.dotomi.com get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 cdn.optad360.net
2 get.optad360.io tr.novaya-pesn.com
get.optad360.io
2 tr.novaya-pesn.com tr.novaya-pesn.com
1 pixel.onaudience.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ad4m.at ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 sync.mathtag.com ads.pubmatic.com
1 region1.google-analytics.com www.googletagmanager.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 stats.g.doubleclick.net www.google-analytics.com
1 s0.2mdn.net imasdk.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.mgid.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cadmus.script.ac script.4dex.io
1 dr5.biz tr.novaya-pesn.com
1 s7.addthis.com tr.novaya-pesn.com
0 uipglob.semasio.net Failed
0 mwzeom.zeotap.com Failed
0 sync.targeting.unrulymedia.com Failed ads.pubmatic.com
0 pixel-eu.onaudience.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 b1sync.zemanta.com Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
351 131

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
www.optad360.com
novaya-pesn.com
ar.novaya-pesn.com
az.novaya-pesn.com
bn.novaya-pesn.com
bg.novaya-pesn.com
ca.novaya-pesn.com
hr.novaya-pesn.com
cs.novaya-pesn.com
da.novaya-pesn.com
de.novaya-pesn.com
nl.novaya-pesn.com
et.novaya-pesn.com
fa.novaya-pesn.com
fi.novaya-pesn.com
fr.novaya-pesn.com
el.novaya-pesn.com
es.novaya-pesn.com
iw.novaya-pesn.com
hi.novaya-pesn.com
hu.novaya-pesn.com
hy.novaya-pesn.com
id.novaya-pesn.com
it.novaya-pesn.com
is.novaya-pesn.com
ja.novaya-pesn.com
ko.novaya-pesn.com
kk.novaya-pesn.com
lv.novaya-pesn.com
lt.novaya-pesn.com
ms.novaya-pesn.com
mr.novaya-pesn.com
no.novaya-pesn.com
pl.novaya-pesn.com
pt.novaya-pesn.com
ro.novaya-pesn.com
sr.novaya-pesn.com
sk.novaya-pesn.com
sl.novaya-pesn.com
sv.novaya-pesn.com
sq.novaya-pesn.com
ta.novaya-pesn.com
te.novaya-pesn.com
tg.novaya-pesn.com
tl.novaya-pesn.com
th.novaya-pesn.com
uk.novaya-pesn.com
ur.novaya-pesn.com
uz.novaya-pesn.com
vi.novaya-pesn.com
ga.novaya-pesn.com
be.novaya-pesn.com
ka.novaya-pesn.com
ky.novaya-pesn.com
lb.novaya-pesn.com
lo.novaya-pesn.com
so.novaya-pesn.com
ceb.novaya-pesn.com
af.novaya-pesn.com
yi.novaya-pesn.com
ny.novaya-pesn.com
sw.novaya-pesn.com
zu.novaya-pesn.com
yo.novaya-pesn.com
gu.novaya-pesn.com
ne.novaya-pesn.com
pa.novaya-pesn.com
si.novaya-pesn.com
jw.novaya-pesn.com
mg.novaya-pesn.com
la.novaya-pesn.com
cy.novaya-pesn.com
km.novaya-pesn.com
hmn.novaya-pesn.com
haw.novaya-pesn.com
mi.novaya-pesn.com
sm.novaya-pesn.com
gl.novaya-pesn.com
ht.novaya-pesn.com
mt.novaya-pesn.com
su.novaya-pesn.com
bs.novaya-pesn.com
mk.novaya-pesn.com
my.novaya-pesn.com
ha.novaya-pesn.com
am.novaya-pesn.com
co.novaya-pesn.com
eo.novaya-pesn.com
eu.novaya-pesn.com
fy.novaya-pesn.com
gd.novaya-pesn.com
kn.novaya-pesn.com
ku.novaya-pesn.com
ml.novaya-pesn.com
mn.novaya-pesn.com
ps.novaya-pesn.com
sd.novaya-pesn.com
sn.novaya-pesn.com
xh.novaya-pesn.com
Subject Issuer Validity Valid
novaya-pesn.com
E1		 2023-10-23 -
2024-01-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
www.corporativoraj.com.mx
GTS CA 1D4		 2023-09-30 -
2023-12-29		 3 months crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-09-17 -
2024-10-15		 a year crt.sh
www.bigmp3db.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.optad360.net
Amazon RSA 2048 M02		 2023-06-26 -
2024-07-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.wp.pl
RapidSSL TLS RSA CA G1		 2023-03-09 -
2024-03-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
onnetwork.tv
R3		 2023-10-22 -
2024-01-20		 3 months crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cl.imghosts.com
Cloudflare Inc ECC CA-3		 2023-10-03 -
2024-10-02		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS RSA CA G1		 2023-05-06 -
2024-05-17		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 69 frames:

Primary Page: https://tr.novaya-pesn.com/actors-and-187
Frame ID: E6998D0775C3F570EE0437C825F7DB22
Requests: 177 HTTP requests in this frame

Frame: https://23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C8CE341D26ADF960C54D247904B94A02
Requests: 1 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/player86.css?s=1696164487
Frame ID: 65A45CC1A9702035AD78F531FE3C3410
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tr.novaya-pesn.com
Frame ID: 1D25160D6BA4B11100DAF54CB67E1358
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1700514696081906011937
Frame ID: 5B5365C31CA17E0AF02F459DFD49D7C6
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3AB01747EF2731F4939D18A353FEE3D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18ECBFA0C18D000ED305EFB86ABA8945
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0FFA5E450CFA48F1650AAB717F45321
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tr.novaya-pesn.com
Frame ID: 6815490B549B20E668D4E6120213448D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_pl.html
Frame ID: 40130F672D761239B1B5BB9B7EB096AE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_pl.html
Frame ID: 9D96D1038D9529565584ECDEB62B6BD1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9F49E8750F2C7C82593B956AA0BE30F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 09251931DA54B0CAFED2A09FDDE5830A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700514694745&gdpr=0
Frame ID: 35A11EFD39DC46D6504151D726825522
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=66746016794032290000&sn=mc_adapter
Frame ID: CA78295B352DBA81A6E554177CE8CABE
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700514694748&gdpr=0
Frame ID: B5CBDB1C88B5FFE04D4ED32B6CCCD17F
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 8A07833BFAA791A2114EFAC0717A8246
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: F26E4FE0D70BB131B8B2F0B0BB2CD1A0
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F78FCDA247C7902455F354CEB4096EBC
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: E15B95D1589CA1356BB4D81CDCB3CFFF
Requests: 8 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=66746016794032290000&sn=mc_adapter
Frame ID: 5A7E7C8EE37BCC55BBB9746AD473DEA0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4DE466A5722FBF601DF1A6FBB53C140B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 0C31E83C438ED7A1B4C797FEDE3B3773
Requests: 6 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 0F465CB897F5D34DDBFE748217810139
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 657D8F6421D56653C4FD938E581BEA0A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 7702933E63BC5F88A95DF7BFAEA033AB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA
Frame ID: D745708637873C81B64CE94C3E82D594
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5624008184892383403&gdpr=0&gdpr_consent=
Frame ID: 1EE49DD5018B0D8B78A621BC03274BD1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303655018573330571&gdpr=0&gdpr_consent=
Frame ID: 33F5B65C84940BEC07482C0930FEB3FF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Sm4ONreBXT5rUWArIq5FL7Bz7aI&gdpr=0&gdpr_consent=
Frame ID: DD2D86AABF232F63BD2FD9A79E907739
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 872E1341D5E049E0EFE30F59DF29A639
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFnek7Kt5cAABQkVnV5Vg&gdpr=0&gdpr_consent=
Frame ID: EE62A1196921DAF0CB5565C14D382ACF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdbb6a06773bc447cbf12dffda622974f
Frame ID: DEA9C62E1AD33F298B7CEC93F35E6BAE
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 888922ADD1A961418952929315A43635
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: D647069876A5E22E0494104601EB8982
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 62ABCAEB17CF9864A9A90282DAB3431B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 3F415D3ED2FEF5826EBF83CC7EE1BB0F
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 3288F78E836DADE44D17004713D58E41
Requests: 10 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: E66237931A40ED87FFDAEBF6BE720848
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 5CADEB5A3A8361E8986B4E9BECCC6F16
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: E9509D6E3FA89642432A999265A8284D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 06D121DEFDE8AE96CB2CC0B31B8015A4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 9AB7CD40EB5661688DC3D7D81C9E68FA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B5D091246BD2E6B268F79205EB05B115
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 7A93649D74E20EECE6D875A5C9957BE6
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 2841A296FA09211D62EFC751697AC21A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 526D9BB820576C7333C6C75B645258DB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 3F2026DBA2941D8F84FC18BC284A4882
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 11252DFFDBC0C5233A43027CB8697854
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: E6222D138D5AB30DE356517A49675FC9
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 333311B0372DA0E1D8BC85874E9D71D8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: 99306E8B7EFD81B9689ED2FB8FB2085E
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: F8C70ED5A0A6FC8A484C4F04A1E8F69C
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
Frame ID: 669C8FF76CC5819B0A2C0EBC060C4588
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 623838E46AF85ACADEA2050D63AF6162
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C8E8D315426FB037B2F06536139770B9
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Frame ID: AB55ECE5433221D7324CBD3EE0D6B9CF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D9949E126CAE55E8298BE9D1EB0B5F7F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7B9AC1ED9CEE7D7D4E7FEED2EBCF09A4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1485396846482334611
Frame ID: 85CF55E9019B99EFA7741F6AD9EA07DA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928405951701
Frame ID: E56F385A67257FD6009A2237F5907208
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A83015059ECE43E7ACBFEEB8B12BFB6B
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: EEC0A7F36F37684BDCAF582E935C4289
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 54E7DDFB1A08B626AC882F54396F88FB
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1FB3BB74C81EED60787AD4A9FCBD0A88
Requests: 1 HTTP requests in this frame

Frame: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Frame ID: 8CC257321900147A4740C7DA651CC5FC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A68B79027B14934759F737B87921D3C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:967D38F2666947E8A045C453087C1680&gdpr=0&gdpr_consent=
Frame ID: 694F36292368A0627D653B85CFBE4CA6
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-67705813-42c1-4706-a784-060afa148315-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-67705813-42c1-4706-a784-060afa148315-003
Frame ID: ED2A7E538B8E7054C452E6457A8AA4FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kıvırcık Saçlı 20 Ünlü Aktris ve Aktris - Moda - 2023

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

351
Requests

80 %
HTTPS

0 %
IPv6

91
Domains

131
Subdomains

83
IPs

12
Countries

4985 kB
Transfer

10560 kB
Size

120
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10193.jqSSBkMB1hazRf4eVRAfhKGTEV_e87_Qzsr0keCTHdKUp279BSvHhX9HmjBFUIJS.o0fax5XP3G7ZtTWGX2BOEsFpFE4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10193.73IsXIEXXyyKU0XyoBPZcVCnoWeTVAXU-ZsSgw1GoIp8dxqrcyiG7pGm_cRnQHKA7ytWturFOCjZjN7bghUIOCsFZc2NXBH32r1-YjWg5YFxVD4jRMcv8NUUHw9tX0Wv_BGxABPFWltgYo67WowS41iLNFezyTlrSGyKN3qnCXKZEtOESMkDooj-JnOkVBiHT3LGNPngEqJr9_KiRKN_dqAE5c_zmdHuhSQR7L3K5-k%2C.0c5oOp8dGnUzQpJl0RX4NbohaAA%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10193.3JFt88FbsMMAToz9c08YXqVOqw6IVwc5MV1FhwtQkAXaT-YjYqLQx8COtnKESAUCu5dOMnun1VgYOOZppoJbJbZgCX5Gn1s86PazCI912xrGtbusByAc5uoAhbvFVyRNevDzMSQvCaL0hXk8BM4MPrVya1zUNBbUJPyH0KL4Al7RMoonrvr3CQxMtyJK23bUS4U-rQygDKGM2wfz2eNlvA%2C%2C.21n14IoFJMIW5VuSdxsl3x1YQh8%2C
Request Chain 102
  • https://mc.yandex.com/watch/84987520?wmode=7&page-url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1323%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A672387447117%3Ahid%3A457929007%3Az%3A60%3Ai%3A20231120221134%3Aet%3A1700514695%3Ac%3A1%3Arn%3A926574954%3Arqn%3A1%3Au%3A1700514695991801631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C539%2C320%2C39%2C0%2C0%2C%2C23%2C0%2C2391%2C2391%2C8%2C1232%3Aco%3A0%3Acpf%3A1%3Ans%3A1700514691699%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700514695%3At%3AK%C4%B1v%C4%B1rc%C4%B1k%20Sa%C3%A7l%C4%B1%2020%20%C3%9Cnl%C3%BC%20Aktris%20ve%20Aktris%20-%20Moda%20-%202023&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/84987520/1?wmode=7&page-url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1323%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A672387447117%3Ahid%3A457929007%3Az%3A60%3Ai%3A20231120221134%3Aet%3A1700514695%3Ac%3A1%3Arn%3A926574954%3Arqn%3A1%3Au%3A1700514695991801631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C539%2C320%2C39%2C0%2C0%2C%2C23%2C0%2C2391%2C2391%2C8%2C1232%3Aco%3A0%3Acpf%3A1%3Ans%3A1700514691699%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700514695%3At%3AK%C4%B1v%C4%B1rc%C4%B1k%20Sa%C3%A7l%C4%B1%2020%20%C3%9Cnl%C3%BC%20Aktris%20ve%20Aktris%20-%20Moda%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 126
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&rid=esp&cc=1
Request Chain 228
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 229
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 231
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 232
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 233
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA
Request Chain 234
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5624008184892383403&gdpr=0&gdpr_consent=
Request Chain 235
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303655018573330571&gdpr=0&gdpr_consent=
Request Chain 236
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Sm4ONreBXT5rUWArIq5FL7Bz7aI&gdpr=0&gdpr_consent=
Request Chain 237
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_b5bd6193-aac8-422a-910c-53a88605975e&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 238
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGbmVrN0t0NWNBQUJRa1ZuVjVWZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFnek7Kt5cAABQkVnV5Vg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFnek7Kt5cAABQkVnV5Vg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFnek7Kt5cAABQkVnV5Vg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1285526550220035943&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFnek7Kt5cAABQkVnV5Vg&gdpr=0&gdpr_consent=
Request Chain 239
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdbb6a06773bc447cbf12dffda622974f
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZDG8JGCVTUSwNAFnofYSgg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 242
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3201192281 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6431BC24-6095-4D44-B034-0167A1F61282
Request Chain 243
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6431BC24-6095-4D44-B034-0167A1F61282 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDY2ZjZ3RUhadUdRcDZmcjFyWXdsd3Qtdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4553778613067360570&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQzMUJDMjQtNjA5NS00RDQ0LUIwMzQtMDE2N0ExRjYxMjgy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfyZfVNObbRaIljHwLZJjE&google_cver=1
Request Chain 246
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:967D38F2666947E8A045C453087C1680
Request Chain 248
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4553778613067360570
Request Chain 249
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q4SNzU9E2uXx38MUi3L.McvtLscpJP0-~A&gdpr=0
Request Chain 252
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=f040fa527981633&is_secure=true&networkId=17100&version=1&nuid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI8nXjwvfpCQMGnzRPAAAAAAA&expiration=1700601099&nuid=6431BC24-6095-4D44-B034-0167A1F61282&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 253
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7824266110080124504&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 255
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=6681620682794739991 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
Request Chain 256
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
Request Chain 259
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
Request Chain 264
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 265
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 269
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 271
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
Request Chain 275
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
Request Chain 277
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=2853876293227825877 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 280
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 287
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 289
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 291
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
Request Chain 293
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1226500876584288566948?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
Request Chain 294
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1226500876584288566948&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
Request Chain 295
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 296
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 299
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 301
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
Request Chain 303
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/631654817825473691561?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=631654817825473691561&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
Request Chain 305
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 306
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
Request Chain 311
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVvLi4sQwJN8QyoFIp5ccwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1
Request Chain 312
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVvLi4sQwJN8QyoFIp5ccwAA%261124&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVvLi4sQwJN8QyoFIp5ccwAA%261124&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=16f15716144c4699b31f178aeb811deb HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
Request Chain 313
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5aa19c236314192f&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH2GACra-EVwMH8L1mAAAAAAA&expiration=1700601099&is_secure=true
Request Chain 314
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=sd3eNYYE1R5byr5
Request Chain 315
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB
Request Chain 317
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVvLi1OLnI88r8b70S.h5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1&google_hm=2
Request Chain 318
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVvLi1OLnI88r8b70S.h5AAA%261115&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVvLi1OLnI88r8b70S.h5AAA%261115&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7c6c7f09b24a4ccf8b193b09ebd314e7 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVvLi1OLnI88r8b70S-h5AAABFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
Request Chain 322
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928405951701
Request Chain 336
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1485396846482334611
Request Chain 337
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928405951701
Request Chain 342
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Request Chain 344
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:967D38F2666947E8A045C453087C1680&gdpr=0&gdpr_consent=
Request Chain 345
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1700514701512 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4000840845 HTTP 302
  • https://sync.1rx.io/usersync/turn/7824266110080124504?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-67705813-42c1-4706-a784-060afa148315-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-67705813-42c1-4706-a784-060afa148315-003
Request Chain 348
  • https://pixel.onaudience.com/?partner=214&mapped=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 349
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14300ea6-56bb-4cd2-a13f-896106f397a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

351 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request actors-and-187
tr.novaya-pesn.com/ 		69 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
8ee5d334ebd2c64f30ca8cb9b2f2939dd340fdb829983d3f4321f31903c3515f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
DYNAMIC
cf-ray
8293af9acc4818f3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 21:11:32 GMT
expires
Tue, 21 Nov 2023 21:11:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxdsYS1GKHpoFeCFhUxCt0eyWaPo5vGaBN1qXMdtaRMlxqQe8%2FK2SeQQUwfzqkrrcSBhuB9KXinvow6uu%2Fhjx5I8tYP8rxnzXFoax3FKp%2BwdWjMh9Q1EK%2BtlJsGJLi8Rnt8UdmI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
style.css
novaya-pesn.com/template/buzzy/css/ 		261 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novaya-pesn.com/template/buzzy/css/style.css
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6e7208f0744c2abdb3f02d95efdcd5d07914f291ac5cda113bb1636bc86ec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
583968
cf-polished
status=cannot_optimize
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Dec 2022 09:32:50 GMT
server
cloudflare
etag
W/"4133f-5efeea740180c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g66QdzcANWXvUUp8WaHVyT4CQU06bLZokvN3BT7sbfZGN%2BdYi3hkwDvoWHDs%2Bbio80a2luKlCvxZlgj%2FB6IYkDd44jxaAGObehui8x8LlN7vukynyc1MUmwfSLJepbGDPf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8293af9d2ec618f3-FRA
expires
Tue, 28 Nov 2023 02:58:44 GMT
yt.css
novaya-pesn.com/template/buzzy/css/ 		69 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://novaya-pesn.com/template/buzzy/css/yt.css
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452e787cf1975b70f1efca2fe6b7ba823a5c71ae639e470ecc92677f3ca5f3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
583074
cf-polished
origSize=70949
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Dec 2022 09:32:54 GMT
server
cloudflare
etag
W/"11525-5efeea77c36a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTC1UqkpoUA1nm7pODda2ZXATYzDhD4FWnDS9N79lnOIKB7UlKr4HM%2BVaTnC7kUBy3RlGf6%2BBwot2e2MGW%2Bg5LQAgOaTfkUuMjh9ChLLWN6nfbgPFtDxxFQ6dMgbk%2FrnKAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8293af9d2ec718f3-FRA
expires
Tue, 28 Nov 2023 03:13:38 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27530
x-jsd-version
3.1.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230114-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsPzg1HixnFndtcr%2BDX%2F198AaYlzbGNkrm2cZ%2BNCIcLaUVggbTIyBJxS70%2BDa4pOv0nRUlBqXNogWiX73N7gY3NVVjCzTAbIjnXoOYxSXQRrFHxwdRL6g8VpYNaRgBV8rpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8293af9eaab09249-FRA
20-Celebrity-Actors-Actresses-With-Curly-Hair.webp
a.novaya-pesn.com/fashion/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af909eec9b0317d0054f8d90fd13ff7a6d85ecdd95723280059733078d93994d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:18:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8726-5ed31b8afcdf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhsLPmAamzY7s0m4LYMUlaymcZOyQBbocnwE7HfEGnY6E%2Bs6H0fmshBrC59nr59cmfqTMqlB3xJI%2FuKbtF2lQ5ofiTbN1SlXW05o6SeIbIO6l42iOrJ6eTcl0LLz3ZA2oATp1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9cee9318f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
34598
20-Celebrity-Actors-Actresses-With-Curly-Hair-1.webp
a.novaya-pesn.com/fashion/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-1.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4e6bd79ab4b2f118e47be3738c6e1ba971cb2edc6e26625f6d306254a157ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:12:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f1fe-5ed31a3999d6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQSyvtCt2F2X9%2FHtMPikhMZIxAMVFgTiw%2BUHPnswi8QgL9HrQISG2JBjcXVFSGmf%2FDhwpdA4WB6R6fLdNfeJbYHwJJTbEG5hLueX5tERa6dseZJRhOLuLx50Rsaj4I0zkcqkSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9cee9118f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
61950
20-Celebrity-Actors-Actresses-With-Curly-Hair-2.webp
a.novaya-pesn.com/fashion/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-2.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44f9bab27f40063165a6e3ac52a108fa43aed8643cfbfe02e77864cc237fdd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6c8e-5ed31b782384a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhW%2FeNVDd6wB5o7%2FRFBrcxgII%2FdwmPabSmC5rzWpg4raDx9rS6KT4DLTFU1m1QiEDZ8wh%2B0Cncc32ROiq%2BJ3Bw9Dh2ZKF2RCOTA5okmZ0d%2BkF5LOFFZ7BZU9us1mpvQy7IGmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9cee9718f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
27790
20-Celebrity-Actors-Actresses-With-Curly-Hair-3.webp
a.novaya-pesn.com/fashion/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-3.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4fb5582bf1a3ca33735ba810b439ba114f7e6db604ff4e5268ae01e6c509a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:07:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a8fc-5ed3193796457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2qrpPp46PD4ZRQicRpwzkY9FufvbN6F8k62gHzFiuRdeJuUG3cSH8JKx2dMRr%2BB2P1RA12OGx%2BZqpDOJGe4cKY%2FStEnNgAb9LmbYGJW8iZ3he4YmCK4DUX4OVjDgcLCQbfzPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9cee9418f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43260
20-Celebrity-Actors-Actresses-With-Curly-Hair-4.webp
a.novaya-pesn.com/fashion/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-4.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54698ac2760d2dda8621bce7437e219b60dbb6d2ae4852d08bb852f8a23f6ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:13:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8272-5ed31a955aae9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzGI4qM678BCrlPyESfPy6xlaxrcY5B4TE4P75CCETxlBiNl69KUuybvtVqg%2BIY45F%2FNCtruOQydIxs6houzgfxNojLUQQHGY7OZnbqVanV5eLgns62NORmPwCOqZ4sC4nPbVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9cee9618f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
33394
20-Celebrity-Actors-Actresses-With-Curly-Hair-5.webp
a.novaya-pesn.com/fashion/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-5.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc164ee288ef1239adcd706d655f5bb1ffd4ad0c69ba0d1b95e0160681fc8391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"129f4-5ed31b61f526c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41qJSFbNKe%2FXfA23tpY6DbNcjvYCXXNbb4JVoqFf0rdpWOQVUzkTM7HBQqT0czrjBNfrQRqyayYbUE3oqX7IsHl4qg0qlrDy2MptQfaiSzxiaMfZkoAdCJYLLKWVKLPzT%2Fn%2FXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9cee9518f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
76276
20-Celebrity-Actors-Actresses-With-Curly-Hair-6.webp
a.novaya-pesn.com/fashion/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-6.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401b09cb3ca787f3d467b20c2427e211b31612a8451e8665f6850b5bc7665d97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"faf8-5ed31c3976965"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lDnzVjJuDxrvFDBNZWQ63ZttnaajA1IKsryByK4Cz36uVSqaC3k%2FtolNfQ9VW30%2FtqOlFKAM6SFygN00EDCNJIi21pHv22KRvZcQIl6WkwpK2EW8%2FeXH%2Bd7ISqSeUedzWaJEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9ed8da18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
64248
20-Celebrity-Actors-Actresses-With-Curly-Hair-7.webp
a.novaya-pesn.com/fashion/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-7.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fffb01d4114e281cf22b4a80b657cee4258915fad3f25a07f8a3598ea6b3c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:08:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a5d0-5ed319782e5b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9N%2BK7cXOeyJS9Ctx9nbcB1f%2BfxlIrC2aXsBDjKu9QebCpxJ%2FdPPeCr4uyM%2B0rgO6xr3ItasjrzTu52BFDTuw2LSY2V%2BXDZMrh25g4gvICLT%2FJx85wfEPMEfmyQjYz7TMZn4lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9ed8de18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
42448
20-Celebrity-Actors-Actresses-With-Curly-Hair-8.webp
a.novaya-pesn.com/fashion/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-8.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe0649d396c9d8151c5c9fb12a8c3c351cde94f9b0408b3bb50cb9d0b8e8f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:20:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c322-5ed31bfd6db7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2D3HmJo4E74BgM7Eg1IMZTySoWOufh1Bw2i%2FHax0tJpkrPATr%2FgL4Sp7yY4aWcfqtRBjnO3mJcFlNAF%2BIn5087dSRy6tIPHULhPShHmBDfid65QX9T4SbU%2F8Dmr7V4JkvkH8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9ed8e018f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
49954
20-Celebrity-Actors-Actresses-With-Curly-Hair-9.webp
a.novaya-pesn.com/fashion/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-9.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9871c4da882c5f49f62dfd347fa1bc902cc3f767a1491fde7d1a13a702429a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:19:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7412-5ed31bc23f59d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA1RYuhycGa8EqRjkHlMtjSsVlHqFZRvKwtxj0KjQSau4VYy3tnjnfyUAUrrvUq4uKfBmwebdbYJ9NE%2Bf5WcjOtHItACHcGn87bNuWtL%2B5PzFhW0nOAgDwz%2BRhFsZcccRTnGCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9ed8e218f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
29714
20-Celebrity-Actors-Actresses-With-Curly-Hair-10.webp
a.novaya-pesn.com/fashion/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-10.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a436bbd41d8411c39bf48d35c3b9fd3a37a40610a6f932db2b7dd54571d8ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7a52-5ed31925b3402"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHZg27GEgpww4TrwTCS0nEeRj0JARt8UW6f0ZizjXKPPS8b4q9ArmeznGGqLuqkK3ZCQNefXzTeKP%2BmVcsB%2F8AP9GCVrs9f5A7cJU3A%2F9B%2FTE3eeAzkKedXesCRwO2IP1R%2FjUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9ed8e418f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
31314
20-Celebrity-Actors-Actresses-With-Curly-Hair-11.webp
a.novaya-pesn.com/fashion/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-11.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3607dc412e2ebf671ca1fcf810337180f4c6559c47c554855eb7fafcc31b63c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:19:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12ba8-5ed31be1c064e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdhI%2FS%2F5vKGmPO%2F1cBCRuO31%2BzlvnfR3iC1Q8G3iDUyor1dhbbxp6RA%2BS%2FS8DXbub47O9ZlzIqEYnt%2BhcOjDDW0xyEyn0msJuq3VmIRo2jalHxsnCn8TnUkmyhvKOz%2B8AeHQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9ed8e518f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
76712
rocket-loader.min.js
tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/actors-and-187
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AjMf9DtnVzTnfMJAaRLrHJeGswZspAm0%2B%2BllKBj3L0yru1lUMJJ%2BC00y9YQRmORVoYegTD86Ae%2BJ8hP%2F%2BlIXW12RKdAkhDTBhMgT%2Flsaha3xEVTG1lCBUFAlVzNSYK%2F55ieZ5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8293af9d3eec18f3-FRA
expires
Wed, 22 Nov 2023 21:11:32 GMT
scripts.js
novaya-pesn.com/template/buzzy/js/ 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://novaya-pesn.com/template/buzzy/js/scripts.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
405507
cf-polished
origSize=181106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Dec 2022 09:32:57 GMT
server
cloudflare
etag
W/"2c372-5efeea7aa5b1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dq8OIWnGTANs5DUXMKlpLKzRwmAzcu15KcQtTmbXRDe%2B%2Bpd5ITu5M4beg%2FYsQ4NiGhm4QFvsBdV1USNI5wX6vjqWEYfUhx6ANUZR2lpccioHnZB%2Fgn1frzgJCdYHrUyTgMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8293af9f192118f3-FRA
expires
Thu, 30 Nov 2023 04:33:05 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-238-53.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 21:11:33 GMT
server
Oracle API Gateway
opc-request-id
/14A0C559AFC8C09F2B50E28CD209225A/10E3AB422711DABFA82A6A8212946A82
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
smrcp_19121001.js
cdn.zx-adnet.com/adx/ 		145 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b2dc063ba0e3f0e238d1b63007bcad869cbe77032364ac931768592f99374f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
date
Mon, 20 Nov 2023 21:11:33 GMT
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19677
x-served-by
cache-fra-eddf8230038-FRA
last-modified
Tue, 17 Oct 2023 19:53:42 GMT
x-timer
S1700514693.975808,VS0,VE101
etag
"0379eb726d6206c827a3aba72b039087492e1a26387e0e0824927a4c08e54306-br"
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
x-cache-hits
0
/
dr5.biz/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dr5.biz/?te=g5sdeoddmy5ha3ddf42tomrx
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea86bd0effd5b26bed1d372822e158069fef645ababcde3df43a79fdeaa3d6a3
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:33 GMT
strict-transport-security
max-age=31536000
content-encoding
br
content-security-policy
img-src https: data:; upgrade-insecure-requests
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJwkkaXDTKbqNAAA8Y3ORYty3A64vzSg%2BgmwkdyApGUNK9cvPBLQ5vTfuBkCeTOtdzz%2BayeTo1rwkjbdg5IxfjNnxm%2B%2FQ%2BCwzIhmYvdCHJ02Zx3Le27fDskR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cf-ray
8293afa22829373f-FRA
alt-svc
h3=":443"; ma=86400
plugin.min.js
get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/ 		300 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bdae8f9339e4e37897aa62d7bfba461999dd92eafcfa09732378aa4e1e19071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 22:00:27 GMT
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 10:10:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
83467
etag
W/"dda07990b3c4a97b7f129e4c6aec7d42"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
k_AHo3VhrwHFrrQOrbUVE9pCGhO9zLfOkI6JhqWW0XWw5hVwrl4xoA==
ep_naturalwhite.png
novaya-pesn.com/template/buzzy/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://novaya-pesn.com/template/buzzy/img/ep_naturalwhite.png
Requested by
Host: novaya-pesn.com
URL: https://novaya-pesn.com/template/buzzy/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://novaya-pesn.com/template/buzzy/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
20-Celebrity-Actors-Actresses-With-Curly-Hair-12.webp
a.novaya-pesn.com/fashion/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/20-Celebrity-Actors-Actresses-With-Curly-Hair-12.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6631afa143e0e085bbdb7d0467871197fe21b9c5ba14846b2c93eb4445f53011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"93ca-5ed31ab1b41f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiy5MHcZchyXDr5kIOeCJa%2Bysv%2F6appHeYjpDorUKwcXpE%2Biu4kTvFidvg2cKu62SaLCTN1BXbviCSWS0KO%2BI1UKq7nVintuNB8bSdN8zELB91heO7LybAoreIoIF2d9%2F2SyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596318f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
37834
5-Simple-Lucy-Hale-Haircuts-for-Fans-to-Copy-4.webp
a.novaya-pesn.com/fashion/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/5-Simple-Lucy-Hale-Haircuts-for-Fans-to-Copy-4.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aef6d385190c6cd117c389f93a73cb4a484a517677094feefe892a4b4acd610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:07:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cc4e-5ed3193ef85fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8up%2BWtqkYQ7qBJSFQfGNbMDFZV6fBiv9GcVB4As8pFG6RldF6utREqTezCO6Ma7XaXl0W%2BMS7ymKtXH8G4n97I9kyUpZlf4SMpfGPlHXeSle03D8m1wUGOeYk94I0w4cCaV9wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596618f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
52302
How-to-Get-Rid-of-Unwanted-Facial-Body-Hair-4.webp
a.novaya-pesn.com/fashion/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/How-to-Get-Rid-of-Unwanted-Facial-Body-Hair-4.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc330331cf5364e844b83cd7fc3f35181b62c13f665cc3af9def330e0b7d91bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:09:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"98ac-5ed319aa27195"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW%2BwvFCPKv8iLLy8QPuBs%2Frf4gu3F83TY3pPBO986QB2EF9oAwHc2Z2N%2FkjhEqw3f99tXa6vyzR3%2BnpSSCYzqaCQHq5BZrO2aNnF%2B%2Fip3GgyTEUc1%2FwmDDTYoZ6wWT8BXP93YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596818f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
39084
Top-5-Kimberly-Michelle-Hairstyles-Youll-Love.webp
a.novaya-pesn.com/fashion/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/Top-5-Kimberly-Michelle-Hairstyles-Youll-Love.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa20d67c7915f422627022b69af6d51d189b471f6f40a95994e76a9026fab7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7c40-5ed3199dbceeb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg%2BgaAbExYfhaivCbcgauE7b8LnBPV2OLKmudr42WDW4MAIcDL9KESiZbIZZDdgw6ffnf6oNzi9EbAVe4ufUdRu%2Bmbv75dCS8AaQIXKK2A07yfEXDXKmO6kN1TKJ9A%2FSmOiiag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596b18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
31808
15-Zero-Fade-Haircuts-to-Look-Younger-Instantly-2.webp
a.novaya-pesn.com/fashion/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/15-Zero-Fade-Haircuts-to-Look-Younger-Instantly-2.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a4e808909d3e877fd542aa4c74e2516a4e20638c50c4e4b152b01c73be25a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:12:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8ba2-5ed31a3d9f1e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCo23WVye%2FLgMZwWA7Q7ZmvKcnO7fXpBeHBM5wDFosUEzvpvTlzX%2FRDhMKrBcM8yS4i3ZCIazcPY8AWpseHDZ%2BJbTpdbxPmtbMeSZ3zwywgHAR6hNkeNvaRC2ho%2BgXZUvPD0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596c18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
35746
Do-Hair-Vitamins-Really-Work-1.webp
a.novaya-pesn.com/fashion/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/Do-Hair-Vitamins-Really-Work-1.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5becbc34295ab9be0f0c1390a1477af83927d57b09c80576c1ea04edc593ac3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:17:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"55e2-5ed31b7d8992e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beEkbDYkau7H90lmvIFPdnMMNJtZusiNzfTa9YtuQQaeYPe%2Blddh%2F49Ix%2FVrRBDl3CktruNek%2B5w6wHxRJPcN2yC6cZ3FfWVbbFlQhLVvsHcWnRXLDuK0nrFOjK%2BcCZ4lP7x%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596e18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
21986
Crimped-Hair-23-Hairstyles-Thatll-Set-You-Apart-4.webp
a.novaya-pesn.com/fashion/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/Crimped-Hair-23-Hairstyles-Thatll-Set-You-Apart-4.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65120c5317fce7629eac40e21bd51412b9b1989b5d5beb296ed8f16df64e3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:08:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"103ae-5ed3194dc6d5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZMvpqHg0nt7jeJUatOT6G24CC8RlKaZ%2BLsus029TMLo893vJmrSrdDKZuEXFrPmCr8diW2sxWQC3RZZFut2I7xUKj3r%2FHEpcoB1m%2BhmhjkSyREbg1zeNRNS1NRwh3mUt0KpKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f596f18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
66478
Brassy-Blonde-Hair-101-All-You-Need-to-Know-9.webp
a.novaya-pesn.com/fashion/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/Brassy-Blonde-Hair-101-All-You-Need-to-Know-9.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec19064eae4b9c8ff179af739826328ead4e43a599aac1cdfc759d228fb37e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c6b2-5ed319ec1e408"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCiHh%2BjhvAQqXIwUHr6WXoI%2FLCVQsBWMnzySoujXeDtGKlLOwb03Iu9abhrDKOXIAolF8fzB%2BzXKYSeL36mFMoV4ywMgBLZaGeUviXxjQKIGTQmYuxGnUXjZsaZcmWO%2BqvaHZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f597018f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
50866
25-Top-Short-in-Front-Long-in-Back-Hairstyles-8.webp
a.novaya-pesn.com/fashion/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/25-Top-Short-in-Front-Long-in-Back-Hairstyles-8.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff66cf7bde270f743f86b2497208db2281f7b8743ad6e678e71f25c9161b525f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 13:16:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6796-5ed31b29b8ebe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86X6oWNJZ4voRdBS17yEjjRC6kOcmT%2B8j8MgDrUBjGNeZyrsScNT429N0SReQYWxxcCYTEf8o4THUstp7lhfVhcrDnCRvfkGgyCevlkTte4KSXFpHFKtMRUqDr13TZbHaC55FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f597118f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
26518
The-7-Best-Dry-Shampoos-for-Dark-Hair-Reviewed.webp
a.novaya-pesn.com/fashion/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/The-7-Best-Dry-Shampoos-for-Dark-Hair-Reviewed.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a48e0276b8d6a607fa93f2a7ade5ea7861ecd774077dbce6cd7ef541c829fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:17:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d280-5ed31b770eaae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZj1SVy38L4PsIXbxj3erSltw0NdlKwfLrqfMZUR2Rq%2F%2BUE6rw4qg26Tmtybb6jx7zwTq4C92uSX8lW39wNX5gVUd37O6RcS%2BROI2kQ7LaXYVRfwmGKdLculZ1NCjWxDeTHffQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f597318f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
53888
25-Gorgeous-Black-Hair-With-Highlights-Get-A-New-Look-4.webp
a.novaya-pesn.com/fashion/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.novaya-pesn.com/fashion/25-Gorgeous-Black-Hair-With-Highlights-Get-A-New-Look-4.webp
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.200.59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f6bf7c646f219f2340340808ca7f78b9494b4636406b8c897eb319938358341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Nov 2022 13:09:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65b0-5ed3199f7b36b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6HBOZnbiFUgaHdsvDPGEksrIFvZyzWKx4v0mQrxKAsb%2BKcJVfxNRzIsarwOQFCBCMZU0nGoTDq8iGCPCPULWx9uSXZAWbv8tbnQqKSTnlV3iZUBupcJI4x3CqjvYwYlCkcAUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8293af9f597418f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
26032
cookies_gdpr.js
cdn.zx-adnet.com/consent/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.37123152782195845
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fbb34391124417f1861fef126cdcfadc1154022333f18a6758ec39cd0b9f649
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230038-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Mon, 20 Nov 2023 21:11:34 GMT
last-modified
Tue, 17 Oct 2023 19:53:42 GMT
x-timer
S1700514694.091142,VS0,VE46
etag
"5192776ee81d109741ecd353d9f00d8e72a8be2eb4295ad0769ef002fbf30768-br"
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits
0
1duwt.min.js
www.bigmp3db.com/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.min.js?9237296
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
duration
1897411
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-headers
*
expires
Mon, 20-Nov-2023 23:16:34 EET
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Nov 2023 10:50:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6553510e-11399"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70553
expires
Mon, 20 Nov 2023 22:11:34 GMT
mr.js
storage.googleapis.com/s2t-images/ 		2 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.31069886796608803
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f27.1e100.net
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpDTwQfMdEN56BJ1O7EqE2iARBTcyUGIzA_UqlkDimOXfIKCZGRkJDFJRCDXMNCfM8qNn0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
last-modified
Wed, 11 Oct 2023 08:57:56 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-generation
1697014675945234
content-type
application/javascript
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
expires
Tue, 19 Nov 2024 21:11:34 GMT
abs.js
cdn.zx-adnet.com/adx/ 		220 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.4955256174661673
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
date
Mon, 20 Nov 2023 21:11:34 GMT
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
107
x-served-by
cache-fra-eddf8230038-FRA
last-modified
Tue, 17 Oct 2023 19:53:42 GMT
x-timer
S1700514694.153430,VS0,VE48
etag
"5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		2 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.44381485377717333
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f27.1e100.net
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrvZgL7FtivSAdbGR6p1WqwbfZ1fui22WKZfBCzhQJZ7_b7Gcvw7ALNPEVTl3cQT7R2q00
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
last-modified
Wed, 11 Oct 2023 08:57:56 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-generation
1697014675945234
content-type
application/javascript
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
expires
Tue, 19 Nov 2024 21:11:34 GMT
mr.js
storage.googleapis.com/s2t-images/ 		2 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.31997707810671816
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f27.1e100.net
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpzV2ONaVmhiRJqmcQx_Yc1pgpI7vINE4g7lSFq7WPQfIoq230DCa-QMyBC0jts3Eq0LfI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
last-modified
Wed, 11 Oct 2023 08:57:56 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-generation
1697014675945234
content-type
application/javascript
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
expires
Tue, 19 Nov 2024 21:11:34 GMT
mr.js
storage.googleapis.com/s2t-images/ 		2 B
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.24539983773131135
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.91 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f27.1e100.net
Software
UploadServer /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPres-m7zjrEnf6FYmT8fgNWG-YpPHIDslf5FRhD3JhHWWGt3mwF6oxsCz1BsIs4ccwhw9c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
last-modified
Wed, 11 Oct 2023 08:57:56 GMT
server
UploadServer
etag
"14293ad9ad0ffaf9f7a3acf1b0793b66"
vary
Accept-Encoding
x-goog-generation
1697014675945234
content-type
application/javascript
x-goog-hash
crc32c=ZKOpww==, md5=FCk62a0P+vn3o6zxsHk7Zg==
cache-control
public, max-age=31536000
x-goog-stored-content-length
22
accept-ranges
bytes
expires
Tue, 19 Nov 2024 21:11:34 GMT
checkabuse
cdn.zx-adnet.com/ 		56 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.4955256174661673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
date
Mon, 20 Nov 2023 21:11:34 GMT
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
65
x-served-by
cache-fra-eddf8230038-FRA
server
Google Frontend
x-timer
S1700514694.221454,VS0,VE152
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
2d99644c3b555b7d48549bcb29b339c1
cache-control
max-age=3600,public
function-execution-id
u2sd1gzy8ukc
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
x-country-code
US
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1a3e74e33969dddfbdfcde0b5fc546d1038e813e44965e0b939114b2e8791194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30714
x-xss-protection
0
server
cafe
etag
660 / 19681 / 31079745 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 21:11:34 GMT
prebid7.36.3.js
get.optad360.io/sf/ 		520 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.36.3.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 07:50:02 GMT
content-encoding
gzip
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified
Mon, 03 Apr 2023 08:32:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
2899293
etag
W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-id
ifEfF_xwGHmEvm3w9kZaFhJ4qfcwTi5ek_ylZDWU51fHHV_i6dRi3w==
branding-ads.svg
cdn.optad360.net/icons/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.optad360.net/icons/branding-ads.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 00:50:58 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
3788437
etag
W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
UgGCfa4676NyS7JhaKGcWdxNpjCznEpCcmvZvtELg55frmkMcbBNfg==
1duwt.json
www.bigmp3db.com/ 		59 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
b2cdc8c6f17883f3d99d62175ebb41616a72e79b7fed998f4368b1073a6c6393
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		2 KB
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
5d7fb3f8787800686af4387c045112ab3100afacfca96bf2bcf6e745b2fcb5d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
a38984a198599b1591841d6c6761f97f8ce5ded1336f31d975832be1b26f21c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
warbletoncouncil.org.1102315.js
jsc.mgid.com/w/a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea22e731fdb97440f33d26f1972b5fca8f52fa76a7db5355fd25e398b72e4571
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
x-amz-version-id
q7kwky7lHrlO571NtSONjo8FZ4Kk5gbJ
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1V55K2X5ZYF17BCN
age
6483
cf-polished
origSize=3941
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
f7fill5Sn2+58j0KvqjDe8p7J9DivDff0DZQ8qAyz/J2cZEEkGd1H/anmO1PkyBDXkDi2qnd/3Y=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 13:59:43 GMT
server
cloudflare
etag
W/"6fbadfbcbbfb7cd0617cdac72ecb56f0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afaae992366d-FRA
expires
Tue, 21 Nov 2023 00:11:34 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231120
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c456cf0ac5658c4f8012b1640ee09d1c83a478bc7608ef9fc24301bb2a42d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18641
x-jsd-version
1.0.1880
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-i6OtvaSkIx79BjIAPqiQ5gZPX0w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttl1RFZZUFRXzTyqcPaoASXd5qV2MfSF9xzDwGTlEmBVia0ltxokdc1t9XYMdu42AP0vL9lU%2BkSp71cDjqCiJS%2B4e%2B7IeEwZ0kXR2NMYUzRA4o78E1dbr6WSAxhsNy4EklU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8293afaaec8e90dc-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 21:11:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
836706
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMeJQBa%2Fkqtg0mI6kSiCb8bgZInR5EvDTFe45F9%2BMTRob0HWJtmJnDoRpRERepf5zDMt5mPfTkP6MYUj3CN%2B8HVewl%2FZcA55BPnFazeuqzX8OxYgZuzTBn9TzWc5qyLZ"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8293afab0db15ca4-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://tr.novaya-pesn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
c
prebid.a-mo.net/a/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
server
envoy
vary
origin, Accept-Encoding
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.178 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams05-convex-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:34 GMT
an-x-request-uuid
5980155a-8309-494a-9160-7eed15298e3e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		50 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:34 GMT
an-x-request-uuid
a5d76c36-8c13-44e2-92ac-a4c60f86038c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ 		0
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
pbjs
useast.quantumdex.io/auction/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
x-reason
[Inventory] site.domain not match RootDomain, novaya-pesn.com != vermin-club.org
access-control-allow-origin
https://tr.novaya-pesn.com
access-control-allow-credentials
true
cf-ray
8293afacfd6c0408-FRA
content-length
0
/
ssp.wp.pl/bidder/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
access-control-allow-credentials
true
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
accept-ch-lifetime
604800
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.36.0&cb=91878904156&lsavail=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.178 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams05-convex-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://tr.novaya-pesn.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
pbjs
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET
x-reason
[Inventory] site.domain not match RootDomain, novaya-pesn.com != vermin-club.org
access-control-allow-origin
https://tr.novaya-pesn.com
access-control-allow-credentials
true
cf-ray
8293afacfd6d0408-FRA
content-length
0
/
ssp.wp.pl/bidder/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.36.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
access-control-allow-credentials
true
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
server
nginx
vary
Origin
accept-ch-lifetime
604800
prebid
ib.adnxs.com/ut/v3/ 		50 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:34 GMT
an-x-request-uuid
016da4b9-304b-4ee9-95be-1e8e974de459
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.36.0&cb=69969465710&lsavail=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx.adform.net/adx/ 		0
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		139 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
641458e25c7fd62f86f4ed65b5b21d5d18414b8052c99c76da8060efc314dcc2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:34 GMT
an-x-request-uuid
66b2d000-6039-4051-862e-336025e1bda3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
server
envoy
vary
origin, Accept-Encoding
embed.php
video.onnetwork.tv/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.onnetwork.tv/embed.php?ext=optad
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.202.23.16 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-i.of.pl
Software
XO.webservant /
Resource Hash
cd96048ee00f0cc5fc666107a914b596b24cbc94d2c72f341911f92bae7c592c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 20 Nov 2023 21:11:34 GMT
last-modified
Mon, 20 Nov 2023 21:11:33 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-type
text/javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
content-length
740
expires
Mon, 20 Nov 2023 21:11:33 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10193.jqSSBkMB1hazRf4eVRAfhKGTEV_e87_Qzsr0keCTHdKUp279BSvHhX9HmjBFUIJS.o0fax5XP3G7ZtTWGX2BOEsFpFE4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10193.73IsXIEXXyyKU0XyoBPZcVCnoWeTVAXU-ZsSgw1GoIp8dxqrcyiG7pGm_cRnQHKA7ytWturFOCjZjN7bghUIOCsFZc2NXBH32r1-YjWg5YFxVD4jRMcv8NUUHw9tX0Wv_BGxABPFWl...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10193.3JFt88FbsMMAToz9c08YXqVOqw6IVwc5MV1FhwtQkAXaT-YjYqLQx8COtnKESAUCu5dOMnun1VgYOOZppoJbJbZgCX5Gn1s86PazCI912xrGt...
43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10193.3JFt88FbsMMAToz9c08YXqVOqw6IVwc5MV1FhwtQkAXaT-YjYqLQx8COtnKESAUCu5dOMnun1VgYOOZppoJbJbZgCX5Gn1s86PazCI912xrGtbusByAc5uoAhbvFVyRNevDzMSQvCaL0hXk8BM4MPrVya1zUNBbUJPyH0KL4Al7RMoonrvr3CQxMtyJK23bUS4U-rQygDKGM2wfz2eNlvA%2C%2C.21n14IoFJMIW5VuSdxsl3x1YQh8%2C
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10193.3JFt88FbsMMAToz9c08YXqVOqw6IVwc5MV1FhwtQkAXaT-YjYqLQx8COtnKESAUCu5dOMnun1VgYOOZppoJbJbZgCX5Gn1s86PazCI912xrGtbusByAc5uoAhbvFVyRNevDzMSQvCaL0hXk8BM4MPrVya1zUNBbUJPyH0KL4Al7RMoonrvr3CQxMtyJK23bUS4U-rQygDKGM2wfz2eNlvA%2C%2C.21n14IoFJMIW5VuSdxsl3x1YQh8%2C
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Nov 2023 10:50:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6553510e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 20 Nov 2023 22:11:34 GMT
warbletoncouncil.org.1102315.es6.js
jsc.mgid.com/w/a/ 		320 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d96060ff7f2c3d764cc169fc0fa4d5b41c279a59827acff8c007d2e907ce0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
x-amz-version-id
heHHC1H_3GxiBWO2Q6R.RvKRxC6ArJSX
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
9WZE370CDY1XRND9
age
6213
cf-polished
origSize=327241
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xYJfkLIh91Pi4DQdKVzuF3NllzCaa2GXYdtTnCH3wpADP+rbSSjrz2YBpdZ120SQBJ1I5Z5wwWo=
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 11:40:33 GMT
server
cloudflare
etag
W/"0e636dbe786648ae23c78ea4bea28bb5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afab49f7366d-FRA
expires
Tue, 21 Nov 2023 00:11:34 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
50b68fd74483f074c35c84ff6e598c53b7eec94bacde55611833ac95af4ae697
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
warbletoncouncil.org.1102315.js
jsc.mgid.com/w/a/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea22e731fdb97440f33d26f1972b5fca8f52fa76a7db5355fd25e398b72e4571
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
x-amz-version-id
q7kwky7lHrlO571NtSONjo8FZ4Kk5gbJ
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1V55K2X5ZYF17BCN
age
6483
cf-polished
origSize=3941
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
f7fill5Sn2+58j0KvqjDe8p7J9DivDff0DZQ8qAyz/J2cZEEkGd1H/anmO1PkyBDXkDi2qnd/3Y=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 13:59:43 GMT
server
cloudflare
etag
W/"6fbadfbcbbfb7cd0617cdac72ecb56f0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afab4a00366d-FRA
expires
Tue, 21 Nov 2023 00:11:34 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		129 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21d8bd890b501da5f0287f9c95544d05fbd8e208a16a2815279c5ee2000990ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
content-encoding
gzip
last-modified
Mon, 20 Nov 2023 18:23:15 GMT
server
cloudflare
age
0
etag
W/"ab7a7aa1c07a3e8b17083ccc78a2041e97526ed4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8293afad58909a3c-FRA
adagio.js
script.4dex.io/ 		77 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 21:11:35 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Nov 2023 14:13:08 GMT
Server
cloudflare
ETag
W/"ccc354615ffb5b4afd96268bab4a6502"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPsPM%2Fs%2FSa3guIIg4t5FpdgcqW9xuDZLiUE%2F1LJp9gSP9lBdZaUfQybu%2B2jPJy5hBXIbl%2FUxDeh0GlD7IEsRO1Zh4T3SMH1ym%2FIU4FqbfO2VqJj6F9bY%2FFcOzHP2sJmh"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8293afad39dd9265-FRA
embed.min.js
cdn.onnetwork.tv/js/player90/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1699988071
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
117d88901f08b583794061e82c92fc27c51259be901f3b3b41b4a831f4ae13df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 18:54:31 GMT
server
XO.webservantpro
etag
W/"6553c267-15b78"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Fri, 07 Jun 2024 21:11:35 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 21:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
84684
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 18 Nov 2024 21:40:10 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
143fb7e49500b4ade69ff58ed08c9164439a9bd758d248a69e4d8431782995f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:34 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
warbletoncouncil.org.1102315.js
jsc.mgid.com/w/a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea22e731fdb97440f33d26f1972b5fca8f52fa76a7db5355fd25e398b72e4571
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
x-amz-version-id
q7kwky7lHrlO571NtSONjo8FZ4Kk5gbJ
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1V55K2X5ZYF17BCN
age
6484
cf-polished
origSize=3941
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
f7fill5Sn2+58j0KvqjDe8p7J9DivDff0DZQ8qAyz/J2cZEEkGd1H/anmO1PkyBDXkDi2qnd/3Y=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 13:59:43 GMT
server
cloudflare
etag
W/"6fbadfbcbbfb7cd0617cdac72ecb56f0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afabca7b366d-FRA
expires
Tue, 21 Nov 2023 00:11:35 GMT
15c42009-c255-422c-bab5-b1f1be90d18e
https://tr.novaya-pesn.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/15c42009-c255-422c-bab5-b1f1be90d18e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
7ca974c0-cd1e-46d8-adc5-19ea8ad1a1c3
https://tr.novaya-pesn.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/7ca974c0-cd1e-46d8-adc5-19ea8ad1a1c3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
6bd42eca-7454-4996-b932-232d2674a6aa
https://tr.novaya-pesn.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/6bd42eca-7454-4996-b932-232d2674a6aa
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
25b9475d-3e05-4891-9544-ab0fc3d0aff9
https://tr.novaya-pesn.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/25b9475d-3e05-4891-9544-ab0fc3d0aff9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:17:52 GMT
content-encoding
gzip
age
2343223
x-guploader-uploadid
ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 23 Oct 2024 18:17:52 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:11:35 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
50AD3MB2RZ3KVN2G
age
3447
etag
W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8293afb09fb43802-FRA
x-amz-id-2
FwZa/no8lB8zcgdQW62f0w2J7PIIblXuX9AX0W6QFFlU5YTuezs6/j1GE2QlsXGU2Z1gDKNhl6I=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.129.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-129-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Mon, 20 Nov 2023 10:03:28 GMT
Via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
40088
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
iY2ZPLeK3vNL8qvGkZtHiKxC72Tt0ey1d1DU9Z0kGlm71fTx9cXSGw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10280
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHE3sUlrLEZuZtNLG2wsLI4GcublCbDIgnhsr6LBdbum0d5UkS7LJypzr3oqLRh5GYXgH9YkAOhZif%2F%2BTyMeosDsa9Nx4qSb%2FooJLaBS3JIFt38QQpmimmyNPM1C4Ysu%2BPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8293afacf8a79249-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
48796
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
WYEBYILwRxq6fJBxYu3DqfnerZtZeQ0EcYJjicMRJ0yIz3a3GdUaDA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
34f2dad87cd007711281830aa48cc14b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
warbletoncouncil.org.1102315.es6.js
jsc.mgid.com/w/a/ 		320 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d96060ff7f2c3d764cc169fc0fa4d5b41c279a59827acff8c007d2e907ce0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
x-amz-version-id
heHHC1H_3GxiBWO2Q6R.RvKRxC6ArJSX
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
9WZE370CDY1XRND9
age
6214
cf-polished
origSize=327241
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xYJfkLIh91Pi4DQdKVzuF3NllzCaa2GXYdtTnCH3wpADP+rbSSjrz2YBpdZ120SQBJ1I5Z5wwWo=
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 11:40:33 GMT
server
cloudflare
etag
W/"0e636dbe786648ae23c78ea4bea28bb5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afad2c3c366d-FRA
expires
Tue, 21 Nov 2023 00:11:35 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
655d4902d8de9a3b83e47cfcd1273378ea464877f5f8754d32c77456756f1819
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
warbletoncouncil.org.1101801.js
jsc.mgid.com/w/a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef79311e4b86fbf397e3f97f1ae7dee32d1d6e747ff69bdfb82fc011db5eda0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
x-amz-version-id
d3_GO4vy1gu7o5LQR6Um6V.S_vzmrGBR
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
16P0BD5BMHSKFN84
age
6483
cf-polished
origSize=3941
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/B3QZwbW8gZveKvdyF9MOSEVELqa4IbQPmorxxuJ4+MHBf0+u0ZF3Ur7Hmn87P0D2w7Go+gvqYc=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 13:59:14 GMT
server
cloudflare
etag
W/"9d7e56f3fba0d847b231864086420115"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afad2c3e366d-FRA
expires
Tue, 21 Nov 2023 00:11:35 GMT
/
c.mgid.com/pv/ 		43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&cbuster=1700514695233919198015&pvid=18bee9308408cf64d01&implVersion=11&cxurl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&site=692293&i=1&scum=%3F0&scuw=%3F0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8293afad7ca5366d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
embedOptAd.min.js
cdn.onnetwork.tv/js/player90/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1699988071
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?ext=optad
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
c7904b30f4ff577212dec430706a546c3f6887198ef31c4476e3817d91701584
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 18:54:31 GMT
server
XO.webservantpro
etag
W/"6553c267-7c92"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Fri, 07 Jun 2024 21:11:35 GMT
1
mc.yandex.com/watch/84987520/
Redirect Chain
  • https://mc.yandex.com/watch/84987520?wmode=7&page-url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1323%...
  • https://mc.yandex.com/watch/84987520/1?wmode=7&page-url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A132...
427 B
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/84987520/1?wmode=7&page-url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1323%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A672387447117%3Ahid%3A457929007%3Az%3A60%3Ai%3A20231120221134%3Aet%3A1700514695%3Ac%3A1%3Arn%3A926574954%3Arqn%3A1%3Au%3A1700514695991801631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C539%2C320%2C39%2C0%2C0%2C%2C23%2C0%2C2391%2C2391%2C8%2C1232%3Aco%3A0%3Acpf%3A1%3Ans%3A1700514691699%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700514695%3At%3AK%C4%B1v%C4%B1rc%C4%B1k%20Sa%C3%A7l%C4%B1%2020%20%C3%9Cnl%C3%BC%20Aktris%20ve%20Aktris%20-%20Moda%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
5367e0bb47613c700fc9baf850bd1378096e1fc69fe3ad76d9c59c1b278c1809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 20-Nov-2023 21:11:35 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Mon, 20-Nov-2023 21:11:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 20-Nov-2023 21:11:35 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/84987520/1?wmode=7&page-url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A1323%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A672387447117%3Ahid%3A457929007%3Az%3A60%3Ai%3A20231120221134%3Aet%3A1700514695%3Ac%3A1%3Arn%3A926574954%3Arqn%3A1%3Au%3A1700514695991801631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C539%2C320%2C39%2C0%2C0%2C%2C23%2C0%2C2391%2C2391%2C8%2C1232%3Aco%3A0%3Acpf%3A1%3Ans%3A1700514691699%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700514695%3At%3AK%C4%B1v%C4%B1rc%C4%B1k%20Sa%C3%A7l%C4%B1%2020%20%C3%9Cnl%C3%BC%20Aktris%20ve%20Aktris%20-%20Moda%20-%202023&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 20-Nov-2023 21:11:35 GMT
warbletoncouncil.org.1101801.es6.js
jsc.mgid.com/w/a/ 		311 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41acc67d4d33ea09ad89145cb8e953c64f49ea1b12f20d866d6e91ed79283fba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
x-amz-version-id
q.oTP3SYGY2kegzDdapTAlMA1E3dyPe9
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
2T0QCJVSZJ48ZW0Z
age
6481
cf-polished
origSize=318541
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Aeqjwiu3ebOQP9IMqgcevDjA8YZhALIGTIx3MmAvI6hIlhdoE8v1NJndvSpZ6tUUXx8iPbdt0Hs=
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 11:40:08 GMT
server
cloudflare
etag
W/"6daf9c36c087b1dc6aca9b3beea0b7d2"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8293afadbd03366d-FRA
expires
Tue, 21 Nov 2023 00:11:35 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
a0170ec3c81176b1fe600398de58d422bd0b059407585b1df39822e0e1fa164d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
9a3d0b0c-5c97-402e-81ee-cff802f3beb3
https://tr.novaya-pesn.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/9a3d0b0c-5c97-402e-81ee-cff802f3beb3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
5c2c53b4-f7f6-4ea9-8b04-236d5da3e832
https://tr.novaya-pesn.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/5c2c53b4-f7f6-4ea9-8b04-236d5da3e832
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
frame86.php
video.onnetwork.tv/ 		22 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.onnetwork.tv/frame86.php?id=ffONNPfb55ab4c632d66f43b113a79d94278eb17005146952951&iid=1700514695296&e=1&ap=4&map=1&umum=1&naa=0&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=476375&exmp4=https%3A%2F%2Fget.optad360.io%2Fassets%2Fmp4%2Fvideo_315s_eng_05-23.mp4&dpb=1&onnwid=9074&wtop=https%253A%252F%252Ftr.novaya-pesn.com%252Factors-and-187&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNPfb55ab4c632d66f43b113a79d94278eb1700514695294&rrpt=%7B%22CxSegments%22%3Anull%7D
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1699988071
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.202.23.16 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-i.of.pl
Software
XO.webservant /
Resource Hash
f55a898cfca0f8e5b60a84d854f30979088f07d698c8f571029596524e04bd9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 20 Nov 2023 21:11:35 GMT
last-modified
Mon, 20 Nov 2023 21:11:35 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://tr.novaya-pesn.com
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
access-control-allow-credentials
true
content-length
7308
expires
Mon, 20 Nov 2023 21:11:36 GMT
a_cntg.png
cdn.onnetwork.tv/cnt/ 		126 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1700514695295&d=9074&wsc=00&typ=embed&mobile=0&c=47
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
last-modified
Monday, 20-Nov-2023 21:11:35 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
branding-video-negative.svg
cdn.optad360.net/icons/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.optad360.net/icons/branding-video-negative.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7260b4a4163f2e458b462ed77194205e12e7d8352f0ec3cb2e4d1475f7419a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 02:36:58 GMT
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 12:05:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1881278
etag
W/"4ccbac335fa4fcdf4c526588ec6a6bc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=360000000
x-amz-cf-id
aOlGzcEm-8_0derTktebqtdm4fxRGpJs87bOefwTi7xsgQx8auzXPg==
a_cntg.png
cdn.onnetwork.tv/cnt/ 		126 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1700514695301&d=9074&wsc=00&typ=embed&mobile=0&c=40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
last-modified
Monday, 20-Nov-2023 21:11:35 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tr.novaya-pesn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 20 Nov 2023 21:11:35 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		746 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2431750608929108&correlator=1649620100211956&eid=31079661%2C31079674%2C31079745%2C31079527%2C31068826&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cncmhcso.org%2Cncmhcso.org_o3b_display_am_o3b_s1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C360x300%7C728x90%7C728x200&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700514695344&lmt=1700514695&adxs=509&adys=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&vis=1&psz=0x-1&msz=300x-1&fws=644&ohw=1584&ga_vid=1819700915.1700514695&ga_sid=1700514695&ga_hid=69911182&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmJDM9L4xSABSAghkEhkKCnB1YmNpZC5vcmcYvZDM9L4xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJiQzPS-MUgAUgIIZBIXCghydGJob3VzZRjokMz0vjFIAFICCGoSFAoFb3BlbngYmJDM9L4xSABSAghkEhkKCnVpZGFwaS5jb20YmJDM9L4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYkMz0vjFIAFICCGQ.&dlt=1700514692575&idt=2585&adks=2839683500&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a30e7252d57e5ae550e4fedc763705f388cb30b3aed0842d05254f48ba8f54fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9099559d4f7d03412bcd7d6f0f9e5f4143122f495c69d3c17abf72cd71eac18b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12188
x-xss-protection
0
container.html
23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C8CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 21:11:35 GMT
expires
Tue, 19 Nov 2024 21:11:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		580 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2431750608929108&correlator=1649620100211956&eid=31079661%2C31079674%2C31079745%2C31079527%2C31068826&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cncmhcso.org%2Cncmhcso.org_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700514695391&lmt=1700514695&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&vis=1&psz=0x-1&msz=700x-1&fws=640&ohw=0&ga_vid=1819700915.1700514695&ga_sid=1700514695&ga_hid=69911182&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmJDM9L4xSABSAghkEhkKCnB1YmNpZC5vcmcYvZDM9L4xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJiQzPS-MUgAUgIIZBIXCghydGJob3VzZRjokMz0vjFIAFICCGoSFAoFb3BlbngYmJDM9L4xSABSAghkEhkKCnVpZGFwaS5jb20YmJDM9L4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYkMz0vjFIAFICCGQ.&dlt=1700514692575&idt=2585&adks=2895629049&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c330c462e369aca6fb81ed6742343653b49b72a7abb20b9f583e520736d322d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
03f36502-f128-42c2-8f65-4b8305b56bfe
https://tr.novaya-pesn.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/03f36502-f128-42c2-8f65-4b8305b56bfe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
abb6b82e-584b-4840-8451-0f4cda106e3b
https://tr.novaya-pesn.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/abb6b82e-584b-4840-8451-0f4cda106e3b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:11:35 GMT
player86.css
cdn.onnetwork.tv/css/ Frame 65A4 		48 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/css/player86.css?s=1696164487
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1699988071
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
e1f8733325d7b536b4ddff8f63c7309f2067cc0f48a9c6686aa14a8a1f1331e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 01 Oct 2023 12:48:07 GMT
server
XO.webservantpro
etag
W/"65196a87-c176"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Fri, 07 Jun 2024 21:11:35 GMT
player_utils.js
cdn.onnetwork.tv/js/player86/ Frame 65A4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player86/player_utils.js?s=1698303240
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
b6e47b120b010ac80e49042286b85180ab3ece70d0ae7bde82c260301bede967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 26 Oct 2023 06:54:00 GMT
server
XO.webservantpro
etag
W/"653a0d08-3ce7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Fri, 07 Jun 2024 21:11:35 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ Frame 65A4 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
1ffcd332e3ba9ca17685961744ad95a996079fc73be19c34aab467a85f730bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30077
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 19:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 20 Nov 2023 21:15:16 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 65A4 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Mon, 20 Nov 2023 21:11:36 GMT
player_light_v.js
cdn.onnetwork.tv/js/player86/ Frame 65A4 		302 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1698303240
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
7da6f16b552410034c3d91335b39e020b00fcecdd1ed95d978f20f7b8ff1059d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 26 Oct 2023 06:54:00 GMT
server
XO.webservantpro
etag
W/"653a0d08-4b95f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Fri, 07 Jun 2024 21:11:35 GMT
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 65A4 		126 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1700514695764&d=9074&wsc=00&typ=embed&mobile=0&c=44
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
last-modified
Monday, 20-Nov-2023 21:11:35 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
811aa8d7e1f75084dcc7fb01a031979bc61755846e1d331e9927f58d54196474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-F8W8yweKYOPGRxxO2kGAgCNVfRU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 20 Nov 2023 21:11:35 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://tr.novaya-pesn.com
location
/esp?url=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
35c134e2c8cc7bd599b6f2985773112d691869f40ae74de91bbf63da16a901e8

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache
x-server
10.45.18.247
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame 1D25 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tr.novaya-pesn.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 21:11:36 GMT
server
Kestrel
server-processing-duration-in-ticks
304719
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 21:11:36 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 21:11:36 GMT
b2de5713-068c-429b-a827-37e16ba43496
https://tr.novaya-pesn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/b2de5713-068c-429b-a827-37e16ba43496
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
6a3f7849-7815-47a4-b4cc-505d413ecfa3
https://tr.novaya-pesn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/6a3f7849-7815-47a4-b4cc-505d413ecfa3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7WA8KCPZQAH2PZWF
age
1184
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb1a982366d-FRA
expires
Tue, 21 Nov 2023 21:11:35 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JYXHPFNPTFG828JN
age
1046
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VptEv1ZMU7ImCI/FAzjgbTI+mStZGMF9ar/dySu++XICtqRjsiQc3kjbKJ2EJ8ArgX5QaYg5tyw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb1a985366d-FRA
expires
Tue, 21 Nov 2023 21:11:35 GMT
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
a1847be8fc35826d54656378c346058aad7c718d0c249b1b1a25d61087a87898
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
c3eec0ab-8027-4411-ba5f-b68ce5b6d4d0
https://tr.novaya-pesn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/c3eec0ab-8027-4411-ba5f-b68ce5b6d4d0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
44446142003a4ee6a8f867e5d629bad0a9191693e5c1afb8d64338440a4ba35d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
1
servicer.mgid.com/1102315/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?mp4=1&ap=1&w=818&h=298&sz=264x251&szp=1,2,3&szl=1,2,3&cols=3&sessionId=655bcb88-17fa8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&cbuster=1700514695959876149514&pvid=18bee9308408cf64d01&implVersion=11&cxurl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&scum=%3F0&scuw=%3F0&uniqId=066f4&childs=1521780&niet=4g&nisd=false&pv=5&lct=1700006400&jsv=es6&pageView=1&dpr=1&ref=&tfre=3349
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcae1eafe7dbc9e2a14b52f720196b3971e17a01111adcb46849a31e564cc490
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8293afb1f9d0366d-FRA
alt-svc
h3=":443"; ma=86400
a5dba82f-411b-4ae1-8822-f1fd91b55b56
https://tr.novaya-pesn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://tr.novaya-pesn.com/a5dba82f-411b-4ae1-8822-f1fd91b55b56
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
1
servicer.mgid.com/1102315/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?mp4=1&ap=1&sessionId=655bcb88-17fa8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&w=818&h=298&sz=264x251&szp=1,2,3&szl=1,2,3&cols=3&lu=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&cbuster=1700514695976732203824&pvid=18bee9308408cf64d01&implVersion=11&cxurl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&scum=%3F0&scuw=%3F0&uniqId=0ff85&childs=1521780&niet=4g&nisd=false&pv=5&lct=1700006400&jsv=es6&pageView=0&dpr=1&ref=&tfre=3366
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2339092818f231534866164fcd1c18a7e14cb605d936046d258925cf62019c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8293afb209dc366d-FRA
alt-svc
h3=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7WA8KCPZQAH2PZWF
age
1185
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb219f6366d-FRA
expires
Tue, 21 Nov 2023 21:11:36 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JYXHPFNPTFG828JN
age
1047
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VptEv1ZMU7ImCI/FAzjgbTI+mStZGMF9ar/dySu++XICtqRjsiQc3kjbKJ2EJ8ArgX5QaYg5tyw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb219f9366d-FRA
expires
Tue, 21 Nov 2023 21:11:36 GMT
1
servicer.mgid.com/1102315/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?mp4=1&ap=1&sessionId=655bcb88-17fa8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&w=818&h=298&sz=264x251&szp=1,2,3&szl=1,2,3&cols=3&lu=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&cbuster=170051469599592207973&pvid=18bee9308408cf64d01&implVersion=11&cxurl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&scum=%3F0&scuw=%3F0&uniqId=0a617&childs=1521780&niet=4g&nisd=false&pv=5&lct=1700006400&jsv=es6&pageView=0&dpr=1&ref=&tfre=3384
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e3f62a467e12a94848aaa873ee1188cbbe7c639d62736fbea39ddf92fd2451
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8293afb22a09366d-FRA
alt-svc
h3=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTQwLHlfNTQwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyL...
s-img.mgid.com/g/15112349/492x277/-/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15112349/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTQwLHlfNTQwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzEwMTkyNC8yOTM2OGE1NWY4YjdiZGQzYmFhMDNjMDljNmM2YjZjMy5qcGc.webp?v=1700514696-d8hyGeLFH1X5sPwF4DDw-MsHAV_K6SgBFjisgrZNte8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ff1cc4fb6b9733a0ee58091c8f3b3cdadced3e81315630ea3b235773710082
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
22df092d-efee-45f0-a041-b28eb101a8b8
age
1788992
alt-svc
h3=":443"; ma=86400
content-length
17138
last-modified
Thu, 12 Jan 2023 10:06:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb4495a2bae-FRA
af57710c8f600352410c2ad09335b986.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-10/101924/ 		107 KB
107 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-10/101924/af57710c8f600352410c2ad09335b986.mp4?v=1700514696-vKyorzEzT5rlq-B_ehzjzW9Te0jInlFmTwwDJLAqQpQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a954dba3379d524aa44964b7dbe3bf3e278d4134fdf9130d00ad097ad35f6a2a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
cf-cache-status
HIT
age
1613012
Content-Range
bytes 0-109064/109065
server-timing
cld-akam;mitm=co;dur=276;cpu=19;start=2023-10-31T09:18:33.604Z;desc=miss,rtt;dur=0,content-info;desc="width=680,height=382,abps=29745,fps=12.0,du=3.667,vc=\"h264\",bytes=109065",cloudinary;dur=140;start=2023-10-31T09:18:33.679Z
alt-svc
h3=":443"; ma=86400
Content-Length
109065
last-modified
Tue, 10 Oct 2023 05:20:50 GMT
server
cloudflare
etag
"3bbcb086ff306db88e9f0449702bfa52"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8293afb49d632be6-FRA
http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fbd7298ea7fd043d7e43caccce39ef5fe.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/ 		612 KB
613 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fbd7298ea7fd043d7e43caccce39ef5fe.gif?v=1700514696-4LJqdbyuC1frq0pHS0x-QjPUC5LPTyTwbs4ZhYzGyO4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5b6bd376f5e693334a9fddf51ffd64145daadb11dabe2e6233e7d0d0c01efb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
404204
Content-Range
bytes 0-626261/626262
server-timing
cld-fastly;mitm=cpo;dur=177;cpu=0;start=2023-09-29T03:45:59.104Z;desc=miss,rtt;dur=0,content-info;desc="width=960,height=540,owidth=,oheight=,obytes=5128337",cloudinary;dur=168;start=2023-09-29T03:45:59.110Z
alt-svc
h3=":443"; ma=86400
Content-Length
626262
last-modified
Thu, 06 Apr 2023 01:35:44 GMT
server
cloudflare
etag
"9e57c53d09eafd1cbcf629a4739943cf"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8293afb49d662be6-FRA
1
servicer.mgid.com/1101801/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1101801/1?mp4=1&sessionId=655bcb88-17fa8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&ap=1&w=818&h=4424&ident_p=true&sz=680x451;337x280&szp=1,4,5,8,9,12,13;2,3,6,7,10,11,14,15&szl=1;2,3;4;5;6,7;8;9;10,11;12;13;14,15&cols=1&lu=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&cbuster=1700514696053371490771&pvid=18bee9308408cf64d01&implVersion=11&cxurl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&scum=%3F0&scuw=%3F0&uniqId=13d77&childs=1521781&niet=4g&nisd=false&pv=5&lct=1700006400&jsv=es6&pageView=0&dpr=1&ref=&tfre=3444
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231cfb8d8be9966b8cccfb0d4e78d51e5aabc9df5fdc6406ba647a316471ab75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8293afb28a7e366d-FRA
alt-svc
h3=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7WA8KCPZQAH2PZWF
age
1185
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb28a87366d-FRA
expires
Tue, 21 Nov 2023 21:11:36 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JYXHPFNPTFG828JN
age
1047
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VptEv1ZMU7ImCI/FAzjgbTI+mStZGMF9ar/dySu++XICtqRjsiQc3kjbKJ2EJ8ArgX5QaYg5tyw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb28a88366d-FRA
expires
Tue, 21 Nov 2023 21:11:36 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8xMDE5MjQvNmUxM...
s-img.mgid.com/g/14650168/492x277/-/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14650168/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8xMDE5MjQvNmUxMjMyMGI3NWRhZjAxMDU5NGViNTFkYTc5OGY4NDIuanBlZw.webp?v=1700514696-ZkNvl7xfEE79StgGFU_wQ_7UycdNck-Lbu4KH4pnDsQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478db0126c643f9721fd465076a2d2fcfbb434520eb154db748a7d59c9d4a1b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
8f240897-2944-4773-8a84-d21d28455d6b
age
1090161
alt-svc
h3=":443"; ma=86400
content-length
15396
last-modified
Wed, 16 Nov 2022 16:12:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb449612bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvMWI0Z...
s-img.mgid.com/g/13054798/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13054798/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvMWI0ZGI0MDM5Y2QwYWViZTJiOTYzZGQ1MjljNWY1ODYuanBn.webp?v=1700514696-yCaXllHYS3Lt4eKyGxbX1zTRR9DotVA7LQik5Ozpx6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cc3035fc593283fdf4618e0fbc792aaabde6acacc9313b43b91cd7db6470f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
550eb751-4081-4b9d-8212-c07e0460e5dc
age
1089658
alt-svc
h3=":443"; ma=86400
content-length
20294
last-modified
Wed, 25 May 2022 12:00:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb4495f2bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8xMDE5MjQvMGM1Y...
s-img.mgid.com/g/14937055/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14937055/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi8xMDE5MjQvMGM1Y2JhZDIxYjIzMDViYTY0Mjk3NTU1MGY5MGNlNDUuanBlZw.webp?v=1700514696-o5EgIHh0UrVZVYiQE4LoO2xn7rC1M8CmBksG3XzDE-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd829e405614a03bdfd57b5f4331eb23248393685c6914a33236bdf7471cc05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
8a2de22d-8a54-4d33-bf35-21fbade64908
age
959890
alt-svc
h3=":443"; ma=86400
content-length
17514
last-modified
Sat, 27 May 2023 19:56:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb449602bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvNDJiN...
s-img.mgid.com/g/13054794/492x277/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13054794/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNS8xMDE5MjQvNDJiNmY2NGVjMGYwNTU2ZmYxNzA1MTNkMmZmMzFlMTcuZ2lm.webp?v=1700514696-gVCqfWz-QRN-_7pIb7mi3FWVxkAl5u8iD3siSRlqTJk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd11578fd012d2a4495aff014bd28944e0063e3e5976186d4f26c0a71ebe06c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
198669b4-abd6-4879-b123-c755b90655cf
age
1769748
alt-svc
h3=":443"; ma=86400
content-length
9160
last-modified
Wed, 25 May 2022 12:07:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb449622bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3O...
s-img.mgid.com/g/11739867/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739867/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3ODhkZGI1NDRmMjc4Zjk3MWQucG5n.webp?v=1700514696-XhAH9NDhAk0fAoK32jX2tIHYkviv7oKE8z4Edyq3rdg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a750b7acd808f5d63e7904cb75ef2f2011a999a868cb7592145158563b6fd1c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
4852a20f-4468-4718-a69b-218830fa8ad0
age
1620997
alt-svc
h3=":443"; ma=86400
content-length
11924
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499c12bae-FRA
1duwt.json
www.bigmp3db.com/ 		59 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
2d3ef39a39e929d58dd516c69fdf92be77348da047ec2eee4aa2a7f18c8a674c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
475ffc1474f7ae5478b13dd038bbf99c.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-12/101924/ 		136 KB
137 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-12/101924/475ffc1474f7ae5478b13dd038bbf99c.mp4?v=1700514696-Jqze54NunNareeu0D-FPZxqYnbR9viqtXwAwCnno5S4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a03b4c98b0ffdea7ca1fa7933370dfed088e88b6a873d84433c50f922c323b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1690170
Content-Range
bytes 0-139310/139311
server-timing
cld-fastly;mitm=cpo;dur=118;cpu=0;start=2023-07-01T02:46:54.146Z;desc=miss,rtt;dur=0,cloudinary;dur=102;start=2023-07-01T02:46:54.154Z
alt-svc
h3=":443"; ma=86400
Content-Length
139311
last-modified
Tue, 04 Apr 2023 05:38:51 GMT
server
cloudflare
etag
"65345006a63cff0b2e0442a9046a8800"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8293afb49d652be6-FRA
i.js
cm.mgid.com/ 		0
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?cbuster=1700514696078970190229
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8293afb4cd10366d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 5B53 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1700514696081906011937
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8293afb4cd12366d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		154 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
MR4SEMAZ16QZV8TM
age
1918
etag
W/"391026e5958781dc657c57860854abcb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8293afb29a0c3802-FRA
x-amz-id-2
zEdOoNYJHILW+7BkSBXMAMRejzC3k3XSShxm9r9gO7Kwon07lQPIQPcG1ZaOjkfb0UShI8I+wRI=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=88065
accept-ranges
bytes
content-length
63913
expires
Tue, 21 Nov 2023 21:39:21 GMT
1duwt.json
www.bigmp3db.com/ 		60 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bigmp3db.com/1duwt.json
Requested by
Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?9237296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e5a3d9d358f58158b5925f10862330064009683880e9249d261cffe76845eccd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=63072000
content-encoding
br
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7WA8KCPZQAH2PZWF
age
1185
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kvsl6VAtvv8F+gGXdpAiyvfQuhCDH+KlU7RL7b7YoKk7lVyumbVObA9AuUZ0mYRKwhyRYqcQ4e0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb30b0f366d-FRA
expires
Tue, 21 Nov 2023 21:11:36 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.129.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
JYXHPFNPTFG828JN
age
1047
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VptEv1ZMU7ImCI/FAzjgbTI+mStZGMF9ar/dySu++XICtqRjsiQc3kjbKJ2EJ8ArgX5QaYg5tyw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8293afb30b11366d-FRA
expires
Tue, 21 Nov 2023 21:11:36 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvODJhYmJlYTdjZWZkMTYwM...
s-img.mgid.com/g/11739856/492x277/-/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739856/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvODJhYmJlYTdjZWZkMTYwMThlYjc2NjBkNTdkZjIwNTAuanBn.webp?v=1700514696-7HfSypCepRSUXB0mzIoA1RKo9MALKs4f47e6A9v5WrE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c86712e4508547b5a2f8771a44a83cbbde1b79b62248027c6a5c3a6ae72b99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
5eeeb86f-8ed6-48a5-8c64-3b7b8e5e14f9
age
1693318
alt-svc
h3=":443"; ma=86400
content-length
22206
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499c42bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvN2Y2ODI3ZDA0MjdlOTAwY...
s-img.mgid.com/g/11739831/492x277/-/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739831/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvN2Y2ODI3ZDA0MjdlOTAwY2MyYWU0OTg2MmViMDk5ZjcuanBlZw.webp?v=1700514696-3bl3XTvVoucToZOmnd7SCnFQ-2AfQ4rRr5jxB4fEthw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a19d5065354bc8a69d35fae71d9f5712f927c27821f171872e8356f1a6e2186
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
7db3f670-e86d-4722-8977-db10b0f1b8eb
age
1690781
alt-svc
h3=":443"; ma=86400
content-length
31602
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499c72bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDA2LHlfMjY5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC8yMzU4N...
s-img.mgid.com/g/12581089/492x277/-/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581089/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDA2LHlfMjY5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC8yMzU4NzNiZmIwMGE5NGY2YTNmN2ZkNTVlYzhjMjE5Ny5qcGVn.webp?v=1700514696-6iaLWKq0t8_G5vbPFiXff6_o7U_pAmxQb2glKcL3boI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7a1b2f53856e5a85b1b70c456ae0ab557672b6866895b3debdca6c45eca109
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
a21dcfe7-534d-4c28-b69a-e854fe8d503b
age
1622200
alt-svc
h3=":443"; ma=86400
content-length
30058
last-modified
Tue, 29 Mar 2022 09:36:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499c82bae-FRA
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2YzOGE2MjQxYmM2N2MwNjEzNmU1ZGU2OTRiZjUxMzgxLmpwZWc.webp
s-img.mgid.com/g/11739838/492x277/0x0x1200x675/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739838/492x277/0x0x1200x675/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0L2YzOGE2MjQxYmM2N2MwNjEzNmU1ZGU2OTRiZjUxMzgxLmpwZWc.webp?v=1700514696-sBGC_3NB9dZuyGRfB1rGND7h-toaGzHV0bV-wq9NMCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c008b2a628e401bb9cd25cbd27cf404952e816139bc554487c13fdb028817919
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
da00dc8f-e48a-4ae4-97f9-647ea14b3d03
age
1790128
alt-svc
h3=":443"; ma=86400
content-length
22358
last-modified
Wed, 20 Jul 2022 11:47:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499c92bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzY...
s-img.mgid.com/g/11739843/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739843/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzYmRlZDMxZWFiY2I1NzI0NGIuanBlZw.webp?v=1700514696-SkULyppo-Wv638f99DunJDdsaPxeoNgZxry1xbwc9JI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
e342a6e5-b1bd-41fc-8729-d5680ed45849
age
1708357
alt-svc
h3=":443"; ma=86400
content-length
14164
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499cc2bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4M...
s-img.mgid.com/g/11739876/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739876/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvN2I0YTNkMTMzZGI4ZjY4MTljM2ZlNzU0NTE2MDJjYjUuanBlZw.webp?v=1700514696-4_fryFVzGKGaPKQsYIHQ02uWwkzvCm7lWIfoP28NhaY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd0f29b4b5495d092c10dc6b7cfba7542f00870aeb505ece7058c69f2f55db8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
d991e1fb-66be-4b72-896d-139b49bbbde1
age
1614188
alt-svc
h3=":443"; ma=86400
content-length
12160
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499ce2bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjYzLHlfMjIyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3L...
s-img.mgid.com/g/13780794/492x277/-/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13780794/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjYzLHlfMjIyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC9jMTI0OTk3ZWRlNWE1NjJlYTUzNGYxYTc1M2I3NjBiZi5wbmc.webp?v=1700514696-1vxboMC1iUu8T-xz4p6Xj6JB2LZbBaTDAE5w210KM10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b057c5c4022fd5cf5184f1578f350cd8df442b839fcad98bb1f4b06392dcda1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
48b68e68-265d-43b3-b40a-1bc0c261cd08
age
1782356
alt-svc
h3=":443"; ma=86400
content-length
23710
last-modified
Thu, 11 Aug 2022 08:44:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499cf2bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmY...
s-img.mgid.com/g/11739835/492x277/-/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739835/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmYzE4OThhY2IzOTkyNDAwMDhiNDRiNzAxNWQ4Ni5qcGc.webp?v=1700514696-dvrOQ_b_lvDIG5JkjBJBmq0OpYeIaBhcQScfaU8vL9c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
25108491-3314-4c3a-b17d-ed1082e13222
age
1711984
alt-svc
h3=":443"; ma=86400
content-length
21954
last-modified
Tue, 21 Dec 2021 12:52:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499d22bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMDE5MjQvMGYwMWQyMmVlMTUwOTJhO...
s-img.mgid.com/g/12581087/492x277/-/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581087/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMDE5MjQvMGYwMWQyMmVlMTUwOTJhOGFiMjM2NTBjMmY2NWJhNmIuanBlZw.webp?v=1700514696-SLtP6tOEVgp5vK8k9ZjS2vQDrOZBMFU66e4Is0DLEfI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4e4093bf6c5d1cb1f5bb589f7885ab44aaee47d9dd3d4b8e511fa9e20117c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
34a14942-d894-479d-a8b2-fbd14c3c6c46
age
1609026
alt-svc
h3=":443"; ma=86400
content-length
29532
last-modified
Tue, 29 Mar 2022 09:41:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499d42bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwO...
s-img.mgid.com/g/11739845/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739845/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwOWZhYTcwZGQzODQxZTliMTQucG5n.webp?v=1700514696-qZ1ntUb4N3HEaO12IWe3Oo5XX-Q8geO0ENF-gDGtwd8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
f89f2b89-336a-4d04-bc46-9931965f3d36
age
1622244
alt-svc
h3=":443"; ma=86400
content-length
19212
last-modified
Tue, 21 Dec 2021 12:52:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499d52bae-FRA
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTYtMTItMjEvMTAxOTI0LzIyM2RkMzc5YjljNDIzODFlMWVjY2UxMWUzN2E3YTZhLmpwZw.webp
s-img.mgid.com/g/12581086/492x277/0x0x492x277/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581086/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTYtMTItMjEvMTAxOTI0LzIyM2RkMzc5YjljNDIzODFlMWVjY2UxMWUzN2E3YTZhLmpwZw.webp?v=1700514696-BiRVjEe9JT4GR4RvI_lSamys0w_W9_en_D9xMiELdec
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6399dd75dd3f10409534681afcd7670b3a3bb9d3a75da8e916a53005e668938b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
14e50e68-0797-4961-9258-08cc65334973
age
1794936
alt-svc
h3=":443"; ma=86400
content-length
14346
last-modified
Sun, 07 Aug 2022 09:00:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499d72bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8xMDE5MjQvMTkxN...
s-img.mgid.com/g/14650176/492x277/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14650176/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8xMDE5MjQvMTkxNGRlYTAxMzJkNDk0MGFhZDY4ZjIyZGRhYzg4ODcuanBlZw.webp?v=1700514696-CgKZYL5SQlNrl68EqVbbrqlNBGkVg0VPvxDpCK1a7hE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1311b0326ee0705e9c57fd0e86fb027b7502c76b86409e6610ee206e5ae1fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
645f53ab-4ad2-4e0e-80c2-0ec2781286cc
age
1613854
alt-svc
h3=":443"; ma=86400
content-length
10288
last-modified
Wed, 16 Nov 2022 15:58:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499d82bae-FRA
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvNzUyZjJmOTg3MmFiZjA2Y...
s-img.mgid.com/g/12581137/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581137/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi8xMDE5MjQvNzUyZjJmOTg3MmFiZjA2YThlNTMwMTIyMDlkODA2ZDcuanBlZw.webp?v=1700514696-ftDMgV_JuPjvXPH4GpMTJBYLN9ePeQ7HdEq1n2lK65w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34150af888019516f9f89b26220a4a1bacfe398e566f16d56af199533bf0056
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
Origin
https://tr.novaya-pesn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
d2eac308-689b-4a3a-8d4d-43307b78dff2
age
1772533
alt-svc
h3=":443"; ma=86400
content-length
16178
last-modified
Tue, 29 Mar 2022 09:36:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8293afb499da2bae-FRA
http%3A%2F%2Fimghosts.com%2Ft%2F2022-03%2F101924%2F5eac602ba6c69269ec9e29238ed14e7c.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_faces:auto,w_960/ 		143 KB
144 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,e_sharpen:100,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-03%2F101924%2F5eac602ba6c69269ec9e29238ed14e7c.gif?v=1700514696-8TemQTHvdHOcRYRDprSf4PIMMItWoJxQj58wOPeQRLM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39da727918230489f8fd2f87783a431815bbd44f5103a072b6d36f79b876886
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
577236
Content-Range
bytes 0-146632/146633
server-timing
cld-cloudflare;mitm=c;dur=30;start=2023-09-01T13:52:09.020Z;desc=hit,content-info;desc="width=960,height=540,owidth=600,oheight=400,obytes=2040446;"
alt-svc
h3=":443"; ma=86400
Content-Length
146633
last-modified
Wed, 29 Mar 2023 21:04:26 GMT
server
cloudflare
etag
"0f993e9b3779a66118d267068ac477d7"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8293afb49d672be6-FRA
http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2F7c2396d80718459acc266ef688341fcb.gif
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/ 		63 KB
64 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2F7c2396d80718459acc266ef688341fcb.gif?v=1700514696-ffQn4EE67O6zWJCWkUZ6hmEScx97oXqRm4R_yKLzHtM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d916b8759d637dd3b11738d045e44e069e1027d860894dfffb6551f2b652038c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
480079
Content-Range
bytes 0-64862/64863
server-timing
cld-fastly;mitm=cpo;dur=115;cpu=8;start=2023-10-24T23:21:31.861Z;desc=miss,rtt;dur=0,content-info;desc="width=960,height=540,owidth=,oheight=,obytes=773137",cloudinary;dur=97;start=2023-10-24T23:21:31.879Z
alt-svc
h3=":443"; ma=86400
Content-Length
64863
last-modified
Fri, 24 Mar 2023 03:55:14 GMT
server
cloudflare
etag
"667d9abe8d17864d058028e0d641b182"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8293afb49d682be6-FRA
id5-api.js
cdn.id5-sync.com/api/1.0/ 		154 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
MR4SEMAZ16QZV8TM
age
1918
etag
W/"391026e5958781dc657c57860854abcb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8293afb30a843802-FRA
x-amz-id-2
zEdOoNYJHILW+7BkSBXMAMRejzC3k3XSShxm9r9gO7Kwon07lQPIQPcG1ZaOjkfb0UShI8I+wRI=
pd
google-bidout-d.openx.net/w/1.0/ Frame 3AB0 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 20 Nov 2023 21:11:36 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame 1D25 		436 B
559 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=novaya-pesn.com&sn=ChromeSyncframe&so=0&topUrl=tr.novaya-pesn.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tr.novaya-pesn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
58d40beb6acd73685ddf5f1284dcbb0d5055b5ff3af31b10c9d7a81a400724f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tr.novaya-pesn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1171957
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18EC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 14:48:43 GMT
expires
Tue, 19 Nov 2024 14:48:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F0FF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
52cfac95bcebef5fbcb26dd85699cc80f2147ad81f3dadc06d8dbabc6e8862fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1o3YeqK7KKZ7aBRw2N0i4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1o3YeqK7KKZ7aBRw2N0i4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 21:11:36 GMT
expires
Mon, 20 Nov 2023 21:11:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame 6815 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tr.novaya-pesn.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 21:11:35 GMT
server
Kestrel
server-processing-duration-in-ticks
1115301
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 18EC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
22827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 14:51:09 GMT
json
gum.criteo.com/sid/ Frame 6815 		422 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=novaya-pesn.com&sn=ChromeSyncframe&so=3&topUrl=tr.novaya-pesn.com&bundle=27YibF9zbnVpUUJURVBzNHd2bldWMjUwJTJGanh5ZDFDQXVUN2JnMDlBbTBNbmNhViUyQiUyRlptRkgySU56aW9NNVluYW1HVjVZdXdSaGIxRWFwMFhraCUyRkhTbWR2VlF5ak1zTzdSY0hwcXk4YkxMTENsQkxsbW15dEFEVXk5ZiUyRkhjN3B0RUtaJTJCd2hPV0RrcTJQUm02YWluMWlOVXllZEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tr.novaya-pesn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7c4f120367873619b148ceb9086319bf8c221fa66a3242dccb858644bf43a5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=tr.novaya-pesn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1031748
expires
0
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 65A4 		0
0
general.css
cdn.onnetwork.tv/css/websites/optad/ Frame 65A4 		616 B
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/css/websites/optad/general.css
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1698303240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 27 Mar 2022 07:49:33 GMT
server
XO.webservantpro
etag
W/"6240170d-268"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Fri, 07 Jun 2024 21:11:36 GMT
analytics.js
www.google-analytics.com/ Frame 65A4 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1698303240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 19:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4918
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 20 Nov 2023 21:49:38 GMT
js
www.googletagmanager.com/gtag/ Frame 65A4 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player86/player_light_v.js?s=1698303240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7551e991789b07e3e2f4e75d66aba2e6a553a5209e2d8fe130983bf59563e738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44042
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 21:11:37 GMT
bridge3.605.0_pl.html
imasdk.googleapis.com/js/core/ Frame 4013 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_pl.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
e3e3963245c47318d911af859ba22df58e85985b7b9482fd1ad11a460d1a8ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
202012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246841
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 13:04:44 GMT
expires
Sun, 17 Nov 2024 13:04:44 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 65A4 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Nov 2023 21:11:36 GMT
bridge3.605.0_pl.html
imasdk.googleapis.com/js/core/ Frame 9D96 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_pl.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
e3e3963245c47318d911af859ba22df58e85985b7b9482fd1ad11a460d1a8ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
202012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246841
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 13:04:44 GMT
expires
Sun, 17 Nov 2024 13:04:44 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9F49 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 20 Nov 2023 21:15:37 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0925 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:15:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 20 Nov 2023 21:15:37 GMT
a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 65A4 		126 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1700514696627&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
last-modified
Monday, 20-Nov-2023 21:11:36 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntm.png
cdn.onnetwork.tv/cnt/ Frame 65A4 		126 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1700514696641&i=87734&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
last-modified
Monday, 20-Nov-2023 21:11:36 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 65A4 		126 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1700514696641&d=9074&wsc=ab&typ=embed&mobile=0&c=45
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:36 GMT
last-modified
Monday, 20-Nov-2023 21:11:36 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
black2.mp4
cdn.onnetwork.tv/img/ Frame 65A4 		2 KB
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.onnetwork.tv/img/black2.mp4
Requested by
Host: tr.novaya-pesn.com
URL: https://tr.novaya-pesn.com/actors-and-187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tr.novaya-pesn.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

pragma
public
date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 15 Nov 2022 12:58:10 GMT
server
XO.webservantpro
etag
"63738ce2-8be"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2237/2238
cache-control
max-age=17280000, public
Content-Length
2238
expires
Fri, 07 Jun 2024 21:11:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 65A4 		855 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4caccae263586ccc78d271c272d0ef81a34609786efae24dd499b4d5cd3a11e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Mon, 20 Nov 2023 21:11:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F0FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=2431750608929108&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ Frame 65A4 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=840826520&t=pageview&_s=1&dl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&dp=%2Fab%2Foptad360_com&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=640x360&je=0&_u=IGhAAEABAAAAACAAsD~&jid=539797272&gjid=50314874&cid=945899234.1700514697&tid=UA-135184183-1&_gid=273039862.1700514697&_r=1&_slc=1&z=1786132557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 18EC 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KM9gHw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
stats.g.doubleclick.net/j/ Frame 65A4 		1 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-135184183-1&cid=945899234.1700514697&jid=539797272&gjid=50314874&_gid=273039862.1700514697&_u=IGhAAEAAAAAAACAAsD~&z=632615951
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 20 Nov 2023 21:11:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ Frame 65A4 		261 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-KSCXDDB4SG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
70b7025cb6100ab483c277e672e4251a1dad637915a651fe928fe0b0770a9588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90158
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 21:11:37 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7ebb9f63d23446ce69c8aecb0224795e26d3206488fb19596a3027926b95a63e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 65A4 		126 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1700514697611&d=9074&wsc=ab&typ=embed&mobile=0&c=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.98.236.115 Wroclaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vh11c.eris-w26.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:37 GMT
last-modified
Monday, 20-Nov-2023 21:11:37 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
collect
region1.google-analytics.com/g/ Frame 65A4 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KSCXDDB4SG&gtm=45je3b81v871770576&_p=1700514696607&gcs=G1--&gcd=11l1l1l1l5&dma_cps=sypham&dma=1&tcfd=10005&cid=945899234.1700514697&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700514697&sct=1&seg=0&dl=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&dr=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187&dt=Player&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=2373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-KSCXDDB4SG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
id5-sync.com/gm/ 		445 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
4df305382dd096ade84af645f024dde242db1e2eb8657216a460ae6e498a7b35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tr.novaya-pesn.com
date
Mon, 20 Nov 2023 21:11:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=2431750608929108&bg=!ERKlEl3NAAZxrfrxUa07ADQBe5WfOAueN30ecCDvcJJN3nDI8CAbbI-DyZn_9CzyL8EKdQhuHXLsInvXeyvYAM8OmuX4AgAAAXZSAAAADWgBB5kCthXaAv5yGPkha2AOLu_huwaNSg5jqLpOo4SSiyOT5rm2zuOWW7Bk_c05ERf15IlJoThH2HCvutoEHq3O1UzfmLJRzUR4kLgHgR9xbWqL-nsKrpuGxNl36p016aAs7dYHJBZTm9afNrPdyot_iP2qW1RHwawMTfGSybZp7q0K_FhHRjabtvuSSzZz4Y-1balEOLTntLGytXCIARiBSh1DabpLF-Rzk_CaCL4-w0pGv7Z_WwDbS-wc1mr8dpHySzXmWu49u5BKxE-vxpuNVzZGks4FZemSm8TA_36je4ifhrBuw1RPIh6m53_e5k1oCXigYk1dzjBmgKeGRrLlMNkIN1stOs3b4WmcCbIJqLm1zh_Vhx0C6I4FBwH7KpfkCYyo0bSp7zGzO7Pg6sLVLqIutAfwML8RBnFOwLCAuixTm6bgonnLxH2zk3LNLZm6FalBM0CJyV3I2KHUwIP-Iwi5iwx8v7mpjpvDPhfS4svcUBCn1SLqC-6Pm_mitfjl97Z8JhZ1rvuJB368WZsLMmK1ZMfNLQmX_4ifLQcPZHNh9NKyq4kElIeWhnjSJ-DJ5CWkctUH267chp0OOJiGCVIbHonflQAXuojSkBcv1ftCfUoD491sEWfy4I5JzrAc6CTzEr1vQg_J25qkRRRq5JpaxRdO8izdoYjQfEmquHzaBxKXHiUVW0VMsw1SZAzsxUwKRVcYbiEG9LlyVEiVMEe4eqPtKDAS7hu3QRqgDEykvMoBOB53997otO37tEpJ8YzgSb_8fCYxaennIpT7ih2IP4Z1eb3zcukwxwSkGcLRP0B5ID_ZORjXa7DsY6jYwhMayQU3hpLSwhIZVGhoicYPXohArLjtahRmvdFEhlmTZl-K5z0D1oQIt8M9Om858WKtD3RR2c-LrksqsGQyFCZZyUeJ8CwvsVM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.novaya-pesn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftr.novaya-pesn.com%2F&domain=tr.novaya-pesn.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tr.novaya-pesn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 20 Nov 2023 21:11:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
194273
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftr.novaya-pesn.com%2F&domain=tr.novaya-pesn.com&cw=1&pbt=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
169940
expires
0
rid
match.adsrvr.org/track/ 		63 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2a4a15644ae1873ceaf6ab5d8d7ca7343a76bec25aa050d163f27f08998689fb

Request headers

Referer
https://tr.novaya-pesn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 21:11:38 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tr.novaya-pesn.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 20 Dec 2023 21:11:38 GMT
/
onetag-sys.com/usync/ Frame 35A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700514694745&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usersync
ssp.wp.pl/bidder/ Frame CA78 		477 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=66746016794032290000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:38 GMT
last-modified
Thu, 09 Nov 2023 08:42:03 GMT
server
nginx
vary
Origin,Accept-Encoding
/
onetag-sys.com/usync/ Frame B5CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700514694748&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
pbjs
sync.quantumdex.io/usersync/ Frame 8A07 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020330fc51bc5180e3f1e56e8f61b48f1429052a89cfaaaa670cc9ce23afe99e

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8293afc0eaa70408-FRA
content-encoding
gzip
content-type
text/html
date
Mon, 20 Nov 2023 21:11:38 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F26E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=95505
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 21:11:38 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F78F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 20 Nov 2023 21:11:38 GMT
ETag
"623de86a-cf34"
Expires
Tue, 21 Nov 2023 21:11:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pbjs
sync.quantumdex.io/usersync/ Frame E15B 		5 KB
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed27abbf1a432cf2dfe0313082f6dc88ecae612ed398a4b69ed3243e6dbc454

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8293afc0eaa80408-FRA
content-encoding
gzip
content-type
text/html
date
Mon, 20 Nov 2023 21:11:38 GMT
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame 5A7E 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=66746016794032290000&sn=mc_adapter
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:38 GMT
last-modified
Thu, 09 Nov 2023 08:42:03 GMT
server
nginx
vary
Origin,Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4DE4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 20 Nov 2023 21:11:38 GMT
ETag
"623de86a-cf34"
Expires
Tue, 21 Nov 2023 21:11:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0C31 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://tr.novaya-pesn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=95505
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 21:11:38 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame CA78 		89 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=66746016794032290000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wpcdn.pl
Software
nginx /
Resource Hash
d13b157f124b7065fe4f20c7f555b53261d33fb5bf96f0ce9ed368d213a565c8

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:38 GMT
content-encoding
br
last-modified
Mon, 20 Nov 2023 19:00:19 GMT
server
nginx
etag
W/"03c777781a7afcfa25184afb145dd8d1"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
access-control-max-age
900
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 5A7E 		89 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=66746016794032290000&sn=mc_adapter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wpcdn.pl
Software
nginx /
Resource Hash
d13b157f124b7065fe4f20c7f555b53261d33fb5bf96f0ce9ed368d213a565c8

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:38 GMT
content-encoding
br
last-modified
Mon, 20 Nov 2023 19:00:19 GMT
server
nginx
etag
W/"03c777781a7afcfa25184afb145dd8d1"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
max-age=900, stale-while-revalidate=86400
access-control-max-age
900
timing-allow-origin
*
access-control-allow-headers
*
PugMaster
image6.pubmatic.com/AdServer/ Frame F26E 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2796730&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
6eef4c26ab4e5d5edbe2e80b3718a8f91d55ca9d2b5dc198a7e3069ea38631b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 21:11:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bounce
ib.adnxs.com/ Frame F78F
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
an-x-request-uuid
d3d78e5a-0e44-4b19-b1bf-bf2dd351f5f6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
an-x-request-uuid
3b83bc1a-af97-4723-b23e-c3be7073b04a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 4DE4
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
an-x-request-uuid
8786c42b-7681-4bb8-a37b-1bb7e8003ef7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
an-x-request-uuid
c44f2d23-b6c6-4063-8c0c-1685719a8453
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame 0F46 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 21:11:39 GMT
Expires
Mon, 20 Nov 2023 21:11:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369"
Pug
simage2.pubmatic.com/AdServer/ Frame 657D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 21:11:38 GMT
expires
Mon, 20 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
784558
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7702
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 21:11:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VYZ1VFE6404JHASGTCF5

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
112NQTP57QWRTE25SYHH
Pug
image2.pubmatic.com/AdServer/ Frame D745
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1EE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5624008184892383403&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5624008184892383403&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
c06b1adf-8a28-4795-9f5b-02b7c1f30818
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:38 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5624008184892383403&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 33F5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303655018573330571&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303655018573330571&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 21:11:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303655018573330571&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame DD2D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Sm4ONreBXT5rUWArIq5FL7Bz7aI&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Sm4ONreBXT5rUWArIq5FL7Bz7aI&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 21:11:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Sm4ONreBXT5rUWArIq5FL7Bz7aI&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 872E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_b5bd6193-aac8-422a-910c-53a88605975e&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 20 Nov 2023 21:11:39 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
image2.pubmatic.com/AdServer/ Frame EE62
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGbmVrN0t0NWNBQUJRa1ZuVjVWZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAFnek7Kt5cAABQkVnV5Vg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFnek7Kt5cAABQkVnV5Vg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFnek7Kt5cAABQkVnV5Vg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1285526550220035943&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFnek7Kt5cAABQkVnV5Vg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFnek7Kt5cAABQkVnV5Vg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFnek7Kt5cAABQkVnV5Vg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame DEA9
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdbb6a06773bc447cbf12dffda622974f
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdbb6a06773bc447cbf12dffda622974f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdbb6a06773bc447cbf12dffda622974f
pragma
no-cache
server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F26E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZDG8JGCVTUSwNAFnofYSgg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.232.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=95504
accept-ranges
bytes
content-length
5622
expires
Tue, 21 Nov 2023 23:43:23 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame F26E 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.3
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame F26E
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3201192281
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6431BC24-6095-4D44-B034-0167A1F61282
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6431BC24-6095-4D44-B034-0167A1F61282
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 21:11:39 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=6431BC24-6095-4D44-B034-0167A1F61282
date
Mon, 20 Nov 2023 21:11:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame F26E
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6431BC24-6095-4D44-B034-0167A1F61282
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDY2ZjZ3RUhadUdRcDZmcjFyWXdsd3Qtdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4553778613067360570&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.211.237.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-237-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 21:11:39 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 20 Nov 2023 21:11:39 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQzMUJDMjQtNjA5NS00RDQ0LUIwMzQtMDE2N0ExRjYxMjgy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfyZfVNObbRaIljHwLZJjE&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfyZfVNObbRaIljHwLZJjE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 20:38:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELfyZfVNObbRaIljHwLZJjE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:967D38F2666947E8A045C453087C1680
42 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:967D38F2666947E8A045C453087C1680
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 20:36:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:967D38F2666947E8A045C453087C1680
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 19 Nov 2023 21:11:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame F26E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:38 GMT
server
Kestrel
content-length
70
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4553778613067360570
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4553778613067360570
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4553778613067360570
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
SPug
image4.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6431BC24-6095-4D44-B034-0167A1F61282&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q4SNzU9E2uXx38MUi3L.McvtLscpJP0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q4SNzU9E2uXx38MUi3L.McvtLscpJP0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-q4SNzU9E2uXx38MUi3L.McvtLscpJP0-~A&gdpr=0
date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
6431BC24-6095-4D44-B034-0167A1F61282
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F26E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6431BC24-6095-4D44-B034-0167A1F61282?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.113.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-113-218.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F26E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=f040fa527981633&is_secure=true&networkId=17100&version=1&nuid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI8nXjwvfpCQMGnzRPAAAAAAA&expiration=1700601099&nuid=6431BC24-6095-4D44-B034-0167A1F61282&...
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI8nXjwvfpCQMGnzRPAAAAAAA&expiration=1700601099&nuid=6431BC24-6095-4D44-B034-0167A1F61282&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI8nXjwvfpCQMGnzRPAAAAAAA&expiration=1700601099&nuid=6431BC24-6095-4D44-B034-0167A1F61282&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F26E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7824266110080124504&gdpr=0&gdpr_consent=&us_privacy=
1 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7824266110080124504&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7824266110080124504&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel
ap.lijit.com/ Frame 8A07 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 21:11:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame 8A07
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=6681620682794739991
  • https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc6a94a0408-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 8A07
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc53f900408-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
an-x-request-uuid
6c743435-fc57-442c-a761-267ddc750c23
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame 8A07 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.27.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
0.gif
id5-sync.com/i/495/ Frame 8A07 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 20 Nov 2023 21:11:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 8A07
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc7099a0408-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-store
content-length
0
expires
0
/
s.ad.smaato.net/c/ Frame 8A07 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-108.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:10:59 GMT
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
40
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
uT_HUomFlXDbv6pw3_IFMyGcyQFYpG1JHrraY-XmGn66vudohQooig==
user-sync
sync.adkernel.com/ Frame 8889 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
user-sync
sync.adkernel.com/ Frame D647 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
user-sync
sync.adkernel.com/ Frame 62AB 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
sync
eb2.3lift.com/ Frame 3F41
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
73e47836372e910f6e294e3a3403d74f39a09bb3e2b14419d298fefa26c3bc17

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 20 Nov 2023 21:11:39 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usermatch
ssum-sec.casalemedia.com/ Frame 3288
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
900 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a09c57b1692ed6aa8b83efe2fd3f93118596cd8c524436e84ebd503950ddc21

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8293afc59ae55d88-FRA
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogWXRUUcKalRDD6Sf3YwZg6Lx9ytdkaT4wdTXKYaJKmQWy%2BL0PCwR9bgkWcDmUj7vzfTQ5MS85VsXbXzMewqbgSfZsEX3Vviiv1KNQJJthmPC7SL7eZaSwbpv1QjlYKyY%2B%2BVrJFOqsEmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8293afc4fa4b5d88-FRA
content-length
0
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eMV8zchOy866Km0hyJP4cmej1z2g1j2Rg2UKLLrjzbVWy39hC8eOQKwL9uEHpB5rXOuZQplVt8%2BmDoH0kjocH2rFLLwkufkhZexg3YmbiykCML1hAWyhBg1tfxWwK%2FxDVUA5vJbCtaInQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user-sync
sync.adkernel.com/ Frame E662 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 5CAD 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.172.246.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-246-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E950 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=95505
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 21:11:38 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 06D1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8293afc56fd30408-FRA
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
/
onetag-sys.com/usync/ Frame 9AB7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame E15B
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc6f9910408-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-store
content-length
0
expires
0
/
s.ad.smaato.net/c/ Frame E15B 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-108.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:10:59 GMT
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
40
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
8pXI-FmyZL7VcChYWv8JmQ619ae6-dNgqK-nyrLb8nSsSFZVj2NKKw==
pixel
ap.lijit.com/ Frame E15B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 21:11:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
0.gif
id5-sync.com/i/495/ Frame E15B 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 20 Nov 2023 21:11:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame E15B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc5a8380408-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
3b3f4510-044d-497a-bfcf-dbe92cc88c75
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5624008184892383403
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/FGMrCMMc/ Frame E15B 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.27.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-27-82.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
setuid
sync.quantumdex.io/ Frame E15B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=2853876293227825877
  • https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc6a9480408-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=753cb1d5-e76b-5345-81c7-3d85e49cf60e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame B5D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 7A93
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1eafc3d22a0d69f110ef9abf06504f4393ea31fcf565cdd86c1cb0676d1d469

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8293afc61b4f5d88-FRA
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y6jvVoZ178qD6zBv2bsOvcmNvSL8AHBZ6nv7OqAUNKHLm45oPJOiBSf54CNs%2FFk0RqCCD6m3TzGgK0wscrOBBADrNggaqbJD1UVLCYXOl2zb9Te%2FzH7MkMxH%2FdHvgNwloaPtEF8sguCYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8293afc4fa4e5d88-FRA
content-length
0
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zvi6a1%2BBSgz4ob%2F%2F7QSCJ7SU6HQy1DwxrVU%2FyiP%2FHD12hT3JY%2BpJb9GxiB93xpBt0pqrbbao1t0Hk2zjYIbmvDApl6uKAppmxM7oCBr9F%2FqqHH3fMgYEVh83b%2Fyn9YhPcP5aJtdMYHRGoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 2841
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8293afc56fd70408-FRA
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
user-sync
sync.adkernel.com/ Frame 526D 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
user-sync
sync.adkernel.com/ Frame 3F20 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
user-sync
sync.adkernel.com/ Frame 1125 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E622 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.232.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-232-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=95504
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
expires
Tue, 21 Nov 2023 23:43:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3333 		0
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.172.246.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-246-175.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Mon, 20 Nov 2023 21:11:39 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 9930 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 21:11:39 GMT
Pragma
no-cache
Server
nginx
sync
eb2.3lift.com/ Frame F8C7
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
7218a335f9f32d3de4f0a3b38825afcb3f74bbb2f482631d2ca0a84ca4e06e70

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1339
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:39 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 20 Nov 2023 21:11:39 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generic
match.adsrvr.org/track/cmf/ Frame 3F41 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
server
Kestrel
content-length
70
content-type
image/gif
ebda
eb2.3lift.com/ Frame 3F41
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3F41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F41
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 3F41 		0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1226500876584288566948&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2F6423BA5F384DCEBF9B3E438DD5174F Ref B: FRAEDGE1114 Ref C: 2023-11-20T21:11:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKm+6b4D5zlXUMa3d/Pg==
xuid
eb2.3lift.com/ Frame 3F41
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1226500876584288566948?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 3F41
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1226500876584288566948&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
3.121.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame 3F41
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
548079
content-length
0
expires
Mon, 20 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3F41
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
52391dad-2e81-4059-893d-f9b8ece25e99
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 3F41 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1226500876584288566948
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
64302e6b-26eb-4006-a925-f1e9c6e5398d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame F8C7 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
server
Kestrel
content-length
70
content-type
image/gif
ebda
eb2.3lift.com/ Frame F8C7
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F8C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELxfx0oBdDM1K8iBXTyQFqg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F8C7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjMxNjU0ODE3ODI1NDczNjkxNTYx
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame F8C7 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=631654817825473691561&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2AF2ADBE569447A09EA1619EA8D24310 Ref B: FRAEDGE1114 Ref C: 2023-11-20T21:11:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKm+6b4EXUagixrhR8gw==
xuid
eb2.3lift.com/ Frame F8C7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/631654817825473691561?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WrEXAJ1E2oSLg8iwZ4It1btdzoGGDypuBN7e.oKOUQ--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame F8C7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=631654817825473691561&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
3.121.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=d739b3d9-9bbd-4be6-b712-c205141e1bfb
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame F8C7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=da8fa9cf-50ac-4393-83ae-5e4e64e66e80&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
621871
content-length
0
expires
Mon, 20 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F8C7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 20 Nov 2023 21:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
52955cf0-0c89-4a0f-b8e1-4fc9bc5a52f2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5624008184892383403&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame F8C7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=631654817825473691561
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
2f6e743a-1027-4fd0-a48e-7ac4d0d9bdab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3288 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 3288 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 21:11:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BSFPKPJZADR1YXN72F99
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3288
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY83rZFKMGuq6Pcc4f0fhoeIlsi5OJM%2FFgv2rOHIN5qKGqkigOJRJuAdPZT3EPS1A%2BULhfAkoJr51AT9ToAEjgnhnOgE8SPz8EAxte8KuJw5kje9KWlShqOxe2RQcmcBjbNyZjRioWlMXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc69bbb5d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3288
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVvLi4sQwJN8QyoFIp5ccwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL0LOUsZEjfPsQ82IzeTj8XkkQ4E%2BGtJOXZJhksIKkuWmvRyEPSTC2AXhM90%2BY1UM%2F6Iz98f%2FEBXWpY8YM2v17EAlli2cBWk7LOZO5VGHbZeeT3L9GZoUs95Qdp35k4MZ51eIXl%2FEUJAYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc6fc2e5d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 3288
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVvLi4sQwJN8QyoFIp5ccwAA%261124&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVvLi4sQwJN8QyoFIp5ccwAA%261124&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=16f15716144c4699b31f178aeb811deb
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
18.207.169.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 21:11:41 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
Date
Mon, 20 Nov 2023 21:11:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
rum
dsum.casalemedia.com/ Frame 3288
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5aa19c236314192f&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH2GACra-EVwMH8L1mAAAAAAA&expiration=1700601099&is_secure=true
43 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH2GACra-EVwMH8L1mAAAAAAA&expiration=1700601099&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj7CU6mG%2FZFNvUuKoIawiC1IXsuEUBm0gMqfJe92CPKU7W6iHayz1SV2ZTxHnn%2BdyOKBZ9lLCTvqURiSI53EBDxmtDnIjqgA8h5CMIByti%2F5nffOqgJHML11WQC1MuGaaOartcft"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc94e595d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH2GACra-EVwMH8L1mAAAAAAA&expiration=1700601099&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 3288
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=sd3eNYYE1R5byr5
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=sd3eNYYE1R5byr5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcH6jq%2BSHfFTLPTPcLSsaVhRsodzO5N7o1aQpMl8%2FvIIor6ke%2Fab0L0A%2BT%2BFzN0R13PRhvZPI37k%2FbBeJ0l13%2BUULoUwzZATQjFx9Lg5D7n7T4yZFSj1rj6AYrCVlW4FEZtW1QIS89Qhag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc82d595d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 21:11:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=sd3eNYYE1R5byr5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3288
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
108.128.113.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-113-218.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB
date
Mon, 20 Nov 2023 21:11:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 3288 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZVvLi4sQwJN8QyoFIp5ccwAABGQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc679050408-FRA
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7A93
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVvLi1OLnI88r8b70S.h5AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1&google_hm=2
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UOtwPK3hNmOTfyvVJw44FM3qg8M%2FaX5rO6pk3l%2FmwVdFqCZen1SkJC%2BSKvdHWRVSd9R0lNEK0bD0bCOQMpal0DtlOqu2SHGVoeUj5oh2dbldiHoL6DlXACRD5MI9E2YS%2FigLUZenKil%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc74c885d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPPvmWQ6Hul7oioz0LGljrw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i.liadm.com/s/ Frame 7A93
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVvLi1OLnI88r8b70S.h5AAA%261115&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVvLi1OLnI88r8b70S.h5AAA%261115&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7c6c7f09b24a4ccf8b193b09ebd314e7
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
34.196.92.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-92-141.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 21:11:40 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:40 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_tkgCo6D0QTETyLOwDNJe7nv9BD_txq_Hkwwcw
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
603850
content-length
0
expires
Mon, 20 Nov 2023 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7A93
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVvLi1OLnI88r8b70S-h5AAABFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg%2BBNknPX%2BLUiAZ6siO4GtlTSn3EAZtbGr9YnPI6eD2m5pCtr%2Ff37kzc1AeO3O2Or0Hkb3KWB00%2Fkah62tbtaPhJYPAVLsBtCSNvZwIUT2nmRTSRIn7jhbo9Z8o5ezTadM9igDeTn%2BvBKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc6ec195d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2ym_YLGONuba5gprumDWo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7A93 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVvLi1OLnI88r8b70S-h5AAABFsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 21:11:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E22TXMK75J2P48B664GQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7A93 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7A93
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928405951701
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928405951701
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCFwSj93vPlHDvSEU0WCgUz91fUXNf9qwB5GyRp%2Byrhy6XdANaZ5OmpzfCBC2R9FjO2s0qHtwcRpYQkXUMbLnZ7peATkh%2FLOFTsbtXKjWe0QwjCkDIT8tyMTHGEQP%2BzDOToIzKNCKEi7hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8293afc7cd025d88-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5140084928405951701
Date
Mon, 20 Nov 2023 21:11:39 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user-registering
ads.stickyadstv.com/ Frame 7A93 		43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZVvLi1OLnI88r8b70S-h5AAABFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
154.57.158.26 Amsterdam, Netherlands, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 21:11:39 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700514699608061-558
ix
ad4m.at/ad/sim/ Frame 7A93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame 7A93 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZVvLi1OLnI88r8b70S-h5AAABFsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.36.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8293afc6c9650408-FRA
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame F78F 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
0c50c8dd-151f-45fe-94b6-a1bb81d8ff67
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4DE4 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 21:11:39 GMT
an-x-request-uuid
d2ea20ee-d422-40c6-a61c-19d506d7d2e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.162; 176.115.237.162; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F26E 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160120&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 0C31 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43840250&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0d2b3bd2800f6bf8893b8fac164a8d4f89c5b6614355fbcff78488d06268ca18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 21:11:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 669C 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 20 Nov 2023 21:11:41 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
/
csync.loopme.me/ Frame 6238 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C8E8 		0
0
/
b1sync.zemanta.com/usersync/pubmatic/ Frame AB55 		0
0
bridge
cm.adgrx.com/ Frame D994 		0
0
cm
ipac.ctnsnet.com/int/ Frame 7B9A 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 21:11:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 85CF
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1485396846482334611
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1485396846482334611
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 20:38:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1485396846482334611
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame E56F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928405951701
42 B
272 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928405951701
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 21:11:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 20 Nov 2023 21:11:41 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928405951701
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame A830 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 21:11:41 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-12c2be81c91e@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame EEC0 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 54E7 		0
0
i.match
a.tribalfusion.com/ Frame 1FB3 		0
0
/
pixel-eu.onaudience.com/ Frame 8CC2
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
0
0
pub
matching.truffle.bid/sync/ Frame A68B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 21:11:41 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 694F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:967D38F2666947E8A045C453087C1680&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:967D38F2666947E8A045C453087C1680&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 21:11:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 20 Nov 2023 21:11:41 GMT
expires
Sun, 19 Nov 2023 21:11:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:967D38F2666947E8A045C453087C1680&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
RX-67705813-42c1-4706-a784-060afa148315-003
sync.targeting.unrulymedia.com/csync/ Frame ED2A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1700514701512
  • https://ad.turn.com/r/cs?pid=45&rndcb=4000840845
  • https://sync.1rx.io/usersync/turn/7824266110080124504?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-67705813-42c1-4706-a784-060afa148315-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
0
0
mw
mwzeom.zeotap.com/ Frame 0C31 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame 0C31 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 0C31
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 21:11:41 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0C31
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14300ea6-56bb-4cd2-a13f-896106f397a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F26E 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59143240&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 21:11:40 GMT
content-length
47
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
pixel-eu.onaudience.com
URL
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-67705813-42c1-4706-a784-060afa148315-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-67705813-42c1-4706-a784-060afa148315-003
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6431BC24-6095-4D44-B034-0167A1F61282
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6431BC24-6095-4D44-B034-0167A1F61282&sInitiator=external&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:14300ea6-56bb-4cd2-a13f-896106f397a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Verdicts & Comments Add Verdict or Comment

294 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| __cfQR object| zxConsentParams object| t object| e object| rbConfig string| token object| rsdfhse function| ym object| AdSlotCollection object| Sk object| _0x4136 number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxGetConsent function| ZxStartMainModule number| nmprd string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| __ZXCONSENT object| webpackChunk function| $ function| jQuery boolean| __cfRLUnblockHandlers string| didomiGeoRegulations number| ZxConsentFlg string| css object| cookieconsent boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| $jscomp number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays number| zxCheckAbs number| zxConsentEnabled object| ZXNT object| ABS_URL object| DATAZXNT object| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| Ya object| yaCounter84987520 function| getCs string| _ONND_URL_EMBED string| _ONND_URL_CDN_EMBED string| _ONNPBaseId object| ONTVOpAdConfig object| ONTVOpAdAConfig function| ONTVOptAdPlayer function| ONTVOptAdAudioPlayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| _mgIntExchangeNews object| MarketGidInfC1102315 boolean| mg_loaded_692293_1102315 function| _mgWidgetLoad1102315 undefined| google_measure_js_timing object| _mgq function| _mgqp number| _mgqt number| _mgqi object| pbjs object| _mgPageViewEndPoint692293 object| _mgPageView692293 object| _mgPvidList string| _mgPvid string| _mgCanonicalUri function| ONTVMiniatureEnabled function| ONTVdisposePlayer function| ONTVFSSwitch function| ONTVFSOff function| ONTVsendCommand function| ONTVAllPlayerIndex function| ONTVhideAllMiniature object| _mgUserPages number| google_unique_id object| gaGlobal object| sas object| apntag object| _ADAGIO object| MarketGidInfC1101801 boolean| mg_loaded_692293_1101801 function| _mgWidgetLoad1101801 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo_identitytag_144 object| GoogleGcLKhOms object| criteo_pubtag_prebid_134 object| Criteo_prebid_134 object| onClickExcludes function| mgReject1102315 function| mgLoadAds1102315_066f4 function| _mgConsentWait1102315_066f4 function| MarketGidCReject1102315 function| MarketGidLoadGoods1102315_066f4 function| mgReject1521780 function| mgLoadAds1521780_066f4 function| _mgConsentWait1521780_066f4 function| MarketGidCReject1521780 function| MarketGidLoadGoods1521780_066f4 function| mgLoadAds1102315_0ff85 function| _mgConsentWait1102315_0ff85 function| MarketGidLoadGoods1102315_0ff85 function| mgLoadAds1521780_0ff85 function| _mgConsentWait1521780_0ff85 function| MarketGidLoadGoods1521780_0ff85 object| _mgSessionPages string| _mgSessionId number| _mgSessionPagesNumber object| _mgSessionsTimeList boolean| MarketGidCSvsdsFlag function| mgLoadAds1102315_0a617 function| _mgConsentWait1102315_0a617 function| MarketGidLoadGoods1102315_0a617 function| mgLoadAds1521780_0a617 function| _mgConsentWait1521780_0a617 function| MarketGidLoadGoods1521780_0a617 function| mgReject1101801 function| mgLoadAds1101801_13d77 function| _mgConsentWait1101801_13d77 function| MarketGidCReject1101801 function| MarketGidLoadGoods1101801_13d77 function| mgReject1521781 function| mgLoadAds1521781_13d77 function| _mgConsentWait1521781_13d77 function| MarketGidCReject1521781 function| MarketGidLoadGoods1521781_13d77 string| _mgUniqueHash1102315_066f4 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT string| _mgUniqueHash1102315_0ff85 string| _mgUniqueHash1102315_0a617 object| ID5 string| _mgUniqueHash1101801_13d77 object| __id5_instances number| google_global_correlator object| ed object| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists object| closure_lm_17522 object| google_image_requests

120 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQvK7M9L4xCgoIkQIQvK7M9L4xCgoItAIQvK7M9L4xCgoI5gEQvK7M9L4xCgoIhwIQvK7M9L4xCgoItwIQvK7M9L4xCgkIOhC8rsz0vjEKCgiMAhC8rsz0vjEKCQhfELyuzPS-MQoJCB8QvK7M9L4x
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDFFgoJCP____8HEM8W
.dr5.biz/ Name: uuid
Value: 6283c363-cc85-4de2-a3d9-fdd59d395322
.novaya-pesn.com/ Name: _sharedID
Value: 6d34626e-7122-4cc8-b2d2-f287555a6555
.prebid.a-mo.net/ Name: __amc
Value: 1_1700514694_1700514694
.novaya-pesn.com/ Name: _ym_uid
Value: 1700514695991801631
.novaya-pesn.com/ Name: _ym_d
Value: 1700514695
.mgid.com/ Name: __cf_bm
Value: bYV0POLTtxEhCmny5Bl2o0iYiNgPZLyIqHN570iH6eA-1700514694-0-ARczjMFLB8z6v0qGErPeg5B7UY0AYKlZ+IwDPVYXtD6J3CK/r86SwSOsgLymztG6vW6UbWnUqJ+WJ1AafKILvAU=
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2339217190fake
.yandex.com/ Name: i
Value: sNpFziB2dVlwg1csEnQ0axBiI1AXYdiXm1pwX4cIiK88dQRxUAWQdsfg6fcncnLfTL9D6BIcD7Af0PGByVglU95j5y0=
.yandex.com/ Name: yandexuid
Value: 5811438571700514694
.novaya-pesn.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3491667441fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 5811438571700514694
.yandex.ru/ Name: yuidss
Value: 5811438571700514694
.yandex.ru/ Name: i
Value: sNpFziB2dVlwg1csEnQ0axBiI1AXYdiXm1pwX4cIiK88dQRxUAWQdsfg6fcncnLfTL9D6BIcD7Af0PGByVglU95j5y0=
.yandex.ru/ Name: yp
Value: 1700601095.yu.5693712851700514694
.yandex.ru/ Name: ymex
Value: 1703106695.oyu.5693712851700514694
.script.ac/ Name: __cf_bm
Value: t3tzoEUjentrF01mW52DLt_RW.kIoDv2Ag_.M9Lc1SQ-1700514695-0-AYOu8RjCKt/7dVPtDWbAd0ePRBrslBzBUMBN1gJs7ua/GoEZNyxfvSKddsI6/bP5VENcXlciNVByHtate3HqM28=
mc.yandex.com/ Name: yabs-sid
Value: 2485482201700514695
.yandex.com/ Name: yuidss
Value: 5811438571700514694
.yandex.com/ Name: ymex
Value: 1732050695.yrts.1700514695
.yandex.com/ Name: bh
Value: KgI/MA==
.quantumdex.io/ Name: uid
Value: 479adc94-4a5c-4e12-9339-b8c925000c02
.novaya-pesn.com/ Name: __gads
Value: ID=e27a713ffb9e4eec:T=1700514695:RT=1700514695:S=ALNI_MZPSYQtGl8EAmyLhlLyjyXZA5l-Tw
.novaya-pesn.com/ Name: __gpi
Value: UID=00000ccedac57d3a:T=1700514695:RT=1700514695:S=ALNI_MaHUSvaL2qm5z7IBhR0khekMDHxyA
.novaya-pesn.com/ Name: lotame_domain_check
Value: novaya-pesn.com
.openx.net/ Name: i
Value: eb4f61fe-347a-443e-95b0-84e8bdd7492d|1700514696
tr.novaya-pesn.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221700514696068%22%7D%2C%22C1101801%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221700514696131%22%7D%7D
.criteo.com/ Name: uid
Value: da8fa9cf-50ac-4393-83ae-5e4e64e66e80
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.novaya-pesn.com/ Name: cto_bundle
Value: bXS2U19zbnVpUUJURVBzNHd2bldWMjUwJTJGajZMaURYSkpOU3o1S2kxdWdiUkN4aXNITTJScHVQYllQU0JrZFVpMEFKMEw4WiUyQmZGRVdFWm1UV3VBa0VhRUxoaUplcmdHMnFaWENHN3paZUF3bjRTTVd4SjJ1Zm1WY0VmeGVGWHY1VFA4MnJyTHBDcFE4clpYJTJGWXlZZDMzNGhFbnclM0QlM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkOU-oqAaqNiU_Lst9DvME9-Jno17kbnGHYqZlsvWNZCuuQ94rA4XGAAKtv
tr.novaya-pesn.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.novaya-pesn.com/ Name: _gid
Value: GA1.2.273039862.1700514697
.novaya-pesn.com/ Name: _gat_onn_tracker
Value: 1
.tr.novaya-pesn.com/ Name: _ga
Value: GA1.3.945899234.1700514697
.tr.novaya-pesn.com/ Name: _gid
Value: GA1.3.273039862.1700514697
.novaya-pesn.com/ Name: _ga
Value: GA1.1.945899234.1700514697
.novaya-pesn.com/ Name: _ga_KSCXDDB4SG
Value: GS1.1.1700514697.1.0.1700514697.0.0.0
tr.novaya-pesn.com/ Name: unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-20T21%3A11%3A38%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6431BC24-6095-4D44-B034-0167A1F61282
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160120:2
.pubmatic.com/ Name: DPSync3
Value: 1701648000%3A241_235_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1701648000%3A13_54_21_7_8_71_3_55_220_233_264_56_166_251%7C1703030400%3A203%7C1701734400%3A35%7C1701043200%3A15_223_2%7C1701302400%3A63
.adnxs.com/ Name: uuid2
Value: 5624008184892383403
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: d739b3d9-9bbd-4be6-b712-c205141e1bfb
.bidswitch.net/ Name: c
Value: 1700514699
.bidswitch.net/ Name: tuuid_lu
Value: 1700514699
.adfarm1.adition.com/ Name: UserID1
Value: 7303655018573330571
.quantserve.com/ Name: d
Value: ENYBCwG8KvijAA
.quantserve.com/ Name: mc
Value: 655bcb8b-0a2a6-c978e-dd400
.weborama.fr/ Name: AFFICHE_W
Value: QNnvhYqc@TpA52
.adx.opera.com/ Name: UID
Value: OPUdbb6a06773bc447cbf12dffda622974f
.adform.net/ Name: uid
Value: 4553778613067360570
.3lift.com/ Name: tluid
Value: 631654817825473691561
.simpli.fi/ Name: suid
Value: 967D38F2666947E8A045C453087C1680
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 753cb1d5-e76b-5345-81c7-3d85e49cf60e
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2C$Sm:boS!]tbP6j2F-.aE*LBAgB^jFLVqglfWNi.qP_jEY1uglSpkg^]x_v^S=2(j'5?)fy*JcGfhT
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI2MzE2NTQ4MTc4MjU0NzM2OTE1NjEiLCJleHBpcmVzIjoiMjAyNC0wMi0xOFQyMToxMTozOVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0yMFQyMToxMTozOVoifQ==
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUdbb6a06773bc447cbf12dffda622974f&KRTB&23485-OPUdbb6a06773bc447cbf12dffda622974f&KRTB&23524-OPUdbb6a06773bc447cbf12dffda622974f
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA&KRTB&19420-C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA&KRTB&22979-C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA&KRTB&23462-C8t4AV6cdQEQzixRXMhgAATJdQYQmilXDc68ntaA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELfyZfVNObbRaIljHwLZJjE&KRTB&23025-CAESELfyZfVNObbRaIljHwLZJjE&KRTB&23386-CAESELfyZfVNObbRaIljHwLZJjE
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:967D38F2666947E8A045C453087C1680&KRTB&23486-uid:967D38F2666947E8A045C453087C1680&KRTB&23489-uid:967D38F2666947E8A045C453087C1680&KRTB&23539-uid:967D38F2666947E8A045C453087C1680
.casalemedia.com/ Name: CMPS
Value: 1115
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4a6e0e36-b781-5d3e-6b51-602b22ae452f.5HIXT0o6A3hSOedUdSjQDAszVqS1oPLjIU0o%2FtCgsXk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4a6e0e36-b781-5d3e-6b51-602b22ae452f.5HIXT0o6A3hSOedUdSjQDAszVqS1oPLjIU0o%2FtCgsXk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASm4ONreBXT5rUWArIq5FL7Bz7aI.CBCeERfcBEpXTdRrlP3gCsiYB%2BkQNnXakzfnlERWd3A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ASm4ONreBXT5rUWArIq5FL7Bz7aI.CBCeERfcBEpXTdRrlP3gCsiYB%2BkQNnXakzfnlERWd3A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICZaaWRHOoTU9VmUtQWLyeH7wbwKksEX_eZm7e17gYLfEHwYBCCLl--qBjABOgRyABfNQgSTfaRw.qOjsmEUySmZPqtg%2BLSN08NmctLxJEL%2BrYe0C2B1aJzA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICZaaWRHOoTU9VmUtQWLyeH7wbwKksEX_eZm7e17gYLfEHwYBCCLl--qBjABOgRyABfNQgSTfaRw.qOjsmEUySmZPqtg%2BLSN08NmctLxJEL%2BrYe0C2B1aJzA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5624008184892383403&KRTB&23339-5624008184892383403
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4553778613067360570&KRTB&23263-4553778613067360570&KRTB&23481-4553778613067360570
.pubmatic.com/ Name: PugT
Value: 1700514699
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7303655018573330571&KRTB&23369-7303655018573330571
.audrte.com/ Name: arcki2
Value: h66f6wEHZuGQp6fr1rYwlwt-w!20220908!1700514699187!ip#176.115.237.162
.audrte.com/ Name: arcki2_pubmatic
Value: 6431BC24-6095-4D44-B034-0167A1F61282!20220908!1700514699187
.betweendigital.com/ Name: ut
Value: ZVvLiwADODiGm4tOo7jl8G2do-PHoT8GSrU8Og==
.amazon-adsystem.com/ Name: ad-id
Value: A5OK6c-9EkdoiTKzuJOtZmg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAFnek7Kt5cAABQkVnV5Vg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Sm4ONreBXT5rUWArIq5FL7Bz7aI&KRTB&23334-Sm4ONreBXT5rUWArIq5FL7Bz7aI&KRTB&23417-Sm4ONreBXT5rUWArIq5FL7Bz7aI&KRTB&23426-Sm4ONreBXT5rUWArIq5FL7Bz7aI
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_b5bd6193-aac8-422a-910c-53a88605975e
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~2f5x
.yahoo.com/ Name: A3
Value: d=AQABBIvLW2UCEI-r-z5LiOlpMB8BOtwe-SYFEgEBAQEdXWVlZQAAAAAA_eMAAA&S=AQAAAlFpemPdpyQGe31kYad_nlg
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-ff63ff87-5e91-30d9-84a7-040e179a28a1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d739b3d9-9bbd-4be6-b712-c205141e1bfb
.audrte.com/ Name: arcki2_ddp2
Value: h66f6wEHZuGQp6fr1rYwlwt-w!20220908!1700514699364
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjAxMLU0NTQ3MBTiM9QtLDGOSiwq8jVPCQ8EAECw_nYlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjAxMLU0NTQ3MBTiM9QtLDGOSiwq8jVPCQ8EAECw_nYlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBgamhiZmlpYmYCAP3QQ2YQAAAA
.w55c.net/ Name: wfivefivec
Value: sd3eNYYE1R5byr5
.casalemedia.com/ Name: CMID
Value: ZVvLi1OLnI88r8b70S.h5AAA
.casalemedia.com/ Name: CMPRO
Value: 1115
.w55c.net/ Name: matchcasale
Value: 5
.audrte.com/ Name: arcki2_adform
Value: 4553778613067360570!20220908!1700514699526
.ads.stickyadstv.com/ Name: UID
Value: 573fbe51dda028baf4d8646d144a9cb
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZVvLi1OLnI88r8b70S-h5AAABFsAAAIB
.dotomi.com/ Name: DotomiTest
Value: f040fa527981633
.turn.com/ Name: uid
Value: 7824266110080124504
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3103:u=1:x=1:i=1700514699:t=1700601099:v=2:sig=AQEEMBO8QboJ2gH5HNTjIUDy6nmWd8ro"
.linkedin.com/ Name: li_sugr
Value: 86228e40-282e-4cb0-99f5-c39347b4c2f3
.linkedin.com/ Name: bcookie
Value: "v=2&1f29cfef-8ceb-4e51-88d3-f095257f7abb"
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAI8nXjwvfpCQMGnzRPAAAAAAA&KRTB&22713-AAAI8nXjwvfpCQMGnzRPAAAAAAA&KRTB&22715-AAAI8nXjwvfpCQMGnzRPAAAAAAA&KRTB&23519-AAAI8nXjwvfpCQMGnzRPAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7824266110080124504&KRTB&23150-7824266110080124504&KRTB&23527-7824266110080124504
.contextweb.com/ Name: V
Value: V3LAQ0EYdtbs
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o3s|7dN.0.AAFnek7Kt5cAABQkVnV5Vg
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 065284337c6a8320
.smartadserver.com/ Name: pid
Value: 1285526550220035943
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFnek7Kt5cAABQkVnV5Vg
.pubmatic.com/ Name: SPugT
Value: 1700514700
.liadm.com/ Name: lidid
Value: 16f15716-144c-4699-b31f-178aeb811deb
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFnek7Kt5cAABQkVnV5Vg

6 Console Messages

Source Level URL
Text
network error URL: https://novaya-pesn.com/template/buzzy/img/ep_naturalwhite.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://useast.quantumdex.io/auction/pbjs
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://useast.quantumdex.io/auction/pbjs
Message:
Failed to load resource: the server responded with a status of 500 ()
javascript error URL: https://tr.novaya-pesn.com/actors-and-187
Message:
Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187' from origin 'https://tr.novaya-pesn.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Ftr.novaya-pesn.com%2Factors-and-187
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6431BC24-6095-4D44-B034-0167A1F61282&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23da06dcdb3da2ec45b32d919091d98f.safeframe.googlesyndication.com
a.audrte.com
a.novaya-pesn.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
adx.adform.net
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.mgid.com
c1.adform.net
cadmus.script.ac
casale-match.dotomi.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.onnetwork.tv
cdn.optad360.net
cdn.prod.uidapi.com
cdn.zx-adnet.com
cl.imghosts.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
cs-server-s2s.yellowblue.io
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dr5.biz
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
get.optad360.io
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mc.yandex.com
mc.yandex.ru
mwzeom.zeotap.com
novaya-pesn.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tr.novaya-pesn.com
u.ipw.metadsp.co.uk
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
video.onnetwork.tv
web.hb.ad.cpe.dotomi.com
www.bigmp3db.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
a.tribalfusion.com
ad.mrtnsvr.com
b1sync.zemanta.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
csync.loopme.me
mwzeom.zeotap.com
pixel-eu.onaudience.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sync-tm.everesttech.net
sync.targeting.unrulymedia.com
uipglob.semasio.net
104.16.89.20
104.18.23.145
104.18.41.127
104.19.129.76
104.19.132.76
104.21.66.155
104.22.36.96
104.22.52.86
104.26.9.169
108.128.113.218
13.107.42.14
13.248.245.213
13.32.27.108
141.94.171.216
141.95.98.64
142.250.185.164
142.250.185.193
142.250.185.202
142.250.185.225
142.250.185.91
142.250.185.98
142.250.186.162
142.250.186.98
145.40.97.67
149.202.23.16
15.197.193.217
151.101.65.195
154.57.158.26
172.217.18.14
172.217.18.6
172.217.18.8
172.240.127.131
172.64.151.101
172.67.200.59
172.67.74.129
173.194.76.156
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.158.152.62
18.207.169.236
18.209.71.169
18.66.129.71
18.66.147.27
185.184.8.90
185.29.132.241
185.64.189.112
185.64.190.81
185.64.191.210
185.86.138.152
193.0.160.131
195.5.165.20
198.47.127.19
198.47.127.205
208.93.169.131
212.77.98.32
212.77.99.29
213.155.156.185
216.239.32.36
216.52.2.48
23.35.232.188
23.35.232.201
23.45.238.53
23.88.86.2
3.121.8.101
3.125.27.82
3.69.152.80
3.75.62.37
34.102.146.192
34.111.129.221
34.111.131.239
34.120.107.143
34.196.92.141
34.250.99.225
34.251.217.8
34.95.69.49
34.96.70.87
34.98.64.218
35.186.193.173
35.194.66.159
35.210.239.72
37.157.6.243
37.252.171.53
46.228.164.11
46.228.174.117
46.4.104.244
51.89.9.251
52.211.237.14
52.46.128.147
52.72.41.189
54.172.246.175
63.215.202.178
64.158.223.137
65.9.66.38
65.9.66.97
67.220.226.233
77.245.57.72
82.145.213.8
85.114.159.118
87.250.251.119
87.98.236.115
91.228.74.168
98.98.134.242
020330fc51bc5180e3f1e56e8f61b48f1429052a89cfaaaa670cc9ce23afe99e
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0aef6d385190c6cd117c389f93a73cb4a484a517677094feefe892a4b4acd610
0b2dc063ba0e3f0e238d1b63007bcad869cbe77032364ac931768592f99374f2
0b4e4093bf6c5d1cb1f5bb589f7885ab44aaee47d9dd3d4b8e511fa9e20117c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d2b3bd2800f6bf8893b8fac164a8d4f89c5b6614355fbcff78488d06268ca18
117d88901f08b583794061e82c92fc27c51259be901f3b3b41b4a831f4ae13df
143fb7e49500b4ade69ff58ed08c9164439a9bd758d248a69e4d8431782995f8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a3e74e33969dddfbdfcde0b5fc546d1038e813e44965e0b939114b2e8791194
1c4fb5582bf1a3ca33735ba810b439ba114f7e6db604ff4e5268ae01e6c509a5
1ef79311e4b86fbf397e3f97f1ae7dee32d1d6e747ff69bdfb82fc011db5eda0
1ffcd332e3ba9ca17685961744ad95a996079fc73be19c34aab467a85f730bec
21d8bd890b501da5f0287f9c95544d05fbd8e208a16a2815279c5ee2000990ca
231cfb8d8be9966b8cccfb0d4e78d51e5aabc9df5fdc6406ba647a316471ab75
2a4a15644ae1873ceaf6ab5d8d7ca7343a76bec25aa050d163f27f08998689fb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b057c5c4022fd5cf5184f1578f350cd8df442b839fcad98bb1f4b06392dcda1
2d3ef39a39e929d58dd516c69fdf92be77348da047ec2eee4aa2a7f18c8a674c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35c134e2c8cc7bd599b6f2985773112d691869f40ae74de91bbf63da16a901e8
3607dc412e2ebf671ca1fcf810337180f4c6559c47c554855eb7fafcc31b63c4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b1311b0326ee0705e9c57fd0e86fb027b7502c76b86409e6610ee206e5ae1fc
3b6e7208f0744c2abdb3f02d95efdcd5d07914f291ac5cda113bb1636bc86ec6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
401b09cb3ca787f3d467b20c2427e211b31612a8451e8665f6850b5bc7665d97
41acc67d4d33ea09ad89145cb8e953c64f49ea1b12f20d866d6e91ed79283fba
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44446142003a4ee6a8f867e5d629bad0a9191693e5c1afb8d64338440a4ba35d
452e787cf1975b70f1efca2fe6b7ba823a5c71ae639e470ecc92677f3ca5f3fd
45c456cf0ac5658c4f8012b1640ee09d1c83a478bc7608ef9fc24301bb2a42d5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478db0126c643f9721fd465076a2d2fcfbb434520eb154db748a7d59c9d4a1b1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cc3035fc593283fdf4618e0fbc792aaabde6acacc9313b43b91cd7db6470f4
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4a436bbd41d8411c39bf48d35c3b9fd3a37a40610a6f932db2b7dd54571d8ab7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caccae263586ccc78d271c272d0ef81a34609786efae24dd499b4d5cd3a11e7
4df305382dd096ade84af645f024dde242db1e2eb8657216a460ae6e498a7b35
4fbb34391124417f1861fef126cdcfadc1154022333f18a6758ec39cd0b9f649
50b68fd74483f074c35c84ff6e598c53b7eec94bacde55611833ac95af4ae697
51c86712e4508547b5a2f8771a44a83cbbde1b79b62248027c6a5c3a6ae72b99
52cfac95bcebef5fbcb26dd85699cc80f2147ad81f3dadc06d8dbabc6e8862fe
5367e0bb47613c700fc9baf850bd1378096e1fc69fe3ad76d9c59c1b278c1809
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54698ac2760d2dda8621bce7437e219b60dbb6d2ae4852d08bb852f8a23f6ec3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d40beb6acd73685ddf5f1284dcbb0d5055b5ff3af31b10c9d7a81a400724f1
5aa20d67c7915f422627022b69af6d51d189b471f6f40a95994e76a9026fab7b
5bdae8f9339e4e37897aa62d7bfba461999dd92eafcfa09732378aa4e1e19071
5becbc34295ab9be0f0c1390a1477af83927d57b09c80576c1ea04edc593ac3e
5d7fb3f8787800686af4387c045112ab3100afacfca96bf2bcf6e745b2fcb5d3
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60e70619e42d5f5a364383d83867d95a84d0133e43b3cd2bc78942eb468c7d4e
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
6399dd75dd3f10409534681afcd7670b3a3bb9d3a75da8e916a53005e668938b
641458e25c7fd62f86f4ed65b5b21d5d18414b8052c99c76da8060efc314dcc2
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62
655d4902d8de9a3b83e47cfcd1273378ea464877f5f8754d32c77456756f1819
6631afa143e0e085bbdb7d0467871197fe21b9c5ba14846b2c93eb4445f53011
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67d96060ff7f2c3d764cc169fc0fa4d5b41c279a59827acff8c007d2e907ce0b
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eef4c26ab4e5d5edbe2e80b3718a8f91d55ca9d2b5dc198a7e3069ea38631b8
70b7025cb6100ab483c277e672e4251a1dad637915a651fe928fe0b0770a9588
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7218a335f9f32d3de4f0a3b38825afcb3f74bbb2f482631d2ca0a84ca4e06e70
7260b4a4163f2e458b462ed77194205e12e7d8352f0ec3cb2e4d1475f7419a9a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73e47836372e910f6e294e3a3403d74f39a09bb3e2b14419d298fefa26c3bc17
7551e991789b07e3e2f4e75d66aba2e6a553a5209e2d8fe130983bf59563e738
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
77d9102b426f1487e8550ed41e3650f47d74c020c7486e2876f07698fc97bb88
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c4f120367873619b148ceb9086319bf8c221fa66a3242dccb858644bf43a5ed
7da6f16b552410034c3d91335b39e020b00fcecdd1ed95d978f20f7b8ff1059d
7e2339092818f231534866164fcd1c18a7e14cb605d936046d258925cf62019c
7ebb9f63d23446ce69c8aecb0224795e26d3206488fb19596a3027926b95a63e
7f6bf7c646f219f2340340808ca7f78b9494b4636406b8c897eb319938358341
811aa8d7e1f75084dcc7fb01a031979bc61755846e1d331e9927f58d54196474
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8a09c57b1692ed6aa8b83efe2fd3f93118596cd8c524436e84ebd503950ddc21
8a19d5065354bc8a69d35fae71d9f5712f927c27821f171872e8356f1a6e2186
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ee5d334ebd2c64f30ca8cb9b2f2939dd340fdb829983d3f4321f31903c3515f
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
9099559d4f7d03412bcd7d6f0f9e5f4143122f495c69d3c17abf72cd71eac18b
94fffb01d4114e281cf22b4a80b657cee4258915fad3f25a07f8a3598ea6b3c3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4e808909d3e877fd542aa4c74e2516a4e20638c50c4e4b152b01c73be25a6a
a0170ec3c81176b1fe600398de58d422bd0b059407585b1df39822e0e1fa164d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1847be8fc35826d54656378c346058aad7c718d0c249b1b1a25d61087a87898
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a30e7252d57e5ae550e4fedc763705f388cb30b3aed0842d05254f48ba8f54fa
a38984a198599b1591841d6c6761f97f8ce5ded1336f31d975832be1b26f21c4
a39da727918230489f8fd2f87783a431815bbd44f5103a072b6d36f79b876886
a4a03b4c98b0ffdea7ca1fa7933370dfed088e88b6a873d84433c50f922c323b
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a750b7acd808f5d63e7904cb75ef2f2011a999a868cb7592145158563b6fd1c3
a954dba3379d524aa44964b7dbe3bf3e278d4134fdf9130d00ad097ad35f6a2a
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
abd11578fd012d2a4495aff014bd28944e0063e3e5976186d4f26c0a71ebe06c
ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed27abbf1a432cf2dfe0313082f6dc88ecae612ed398a4b69ed3243e6dbc454
af909eec9b0317d0054f8d90fd13ff7a6d85ecdd95723280059733078d93994d
afd0f29b4b5495d092c10dc6b7cfba7542f00870aeb505ece7058c69f2f55db8
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cdc8c6f17883f3d99d62175ebb41616a72e79b7fed998f4368b1073a6c6393
b6e47b120b010ac80e49042286b85180ab3ece70d0ae7bde82c260301bede967
b9871c4da882c5f49f62dfd347fa1bc902cc3f767a1491fde7d1a13a702429a6
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc330331cf5364e844b83cd7fc3f35181b62c13f665cc3af9def330e0b7d91bf
bcae1eafe7dbc9e2a14b52f720196b3971e17a01111adcb46849a31e564cc490
bcd829e405614a03bdfd57b5f4331eb23248393685c6914a33236bdf7471cc05
c008b2a628e401bb9cd25cbd27cf404952e816139bc554487c13fdb028817919
c1eafc3d22a0d69f110ef9abf06504f4393ea31fcf565cdd86c1cb0676d1d469
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c330c462e369aca6fb81ed6742343653b49b72a7abb20b9f583e520736d322d2
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c65120c5317fce7629eac40e21bd51412b9b1989b5d5beb296ed8f16df64e3b3
c7904b30f4ff577212dec430706a546c3f6887198ef31c4476e3817d91701584
c7a48e0276b8d6a607fa93f2a7ade5ea7861ecd774077dbce6cd7ef541c829fd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cd96048ee00f0cc5fc666107a914b596b24cbc94d2c72f341911f92bae7c592c
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d13b157f124b7065fe4f20c7f555b53261d33fb5bf96f0ce9ed368d213a565c8
d44f9bab27f40063165a6e3ac52a108fa43aed8643cfbfe02e77864cc237fdd9
d8e3f62a467e12a94848aaa873ee1188cbbe7c639d62736fbea39ddf92fd2451
d916b8759d637dd3b11738d045e44e069e1027d860894dfffb6551f2b652038c
db7a1b2f53856e5a85b1b70c456ae0ab557672b6866895b3debdca6c45eca109
dc164ee288ef1239adcd706d655f5bb1ffd4ad0c69ba0d1b95e0160681fc8391
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5b6bd376f5e693334a9fddf51ffd64145daadb11dabe2e6233e7d0d0c01efb
dfe0649d396c9d8151c5c9fb12a8c3c351cde94f9b0408b3bb50cb9d0b8e8f5f
e1f8733325d7b536b4ddff8f63c7309f2067cc0f48a9c6686aa14a8a1f1331e9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e3963245c47318d911af859ba22df58e85985b7b9482fd1ad11a460d1a8ec2
e5a3d9d358f58158b5925f10862330064009683880e9249d261cffe76845eccd
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9ff1cc4fb6b9733a0ee58091c8f3b3cdadced3e81315630ea3b235773710082
ea22e731fdb97440f33d26f1972b5fca8f52fa76a7db5355fd25e398b72e4571
ea86bd0effd5b26bed1d372822e158069fef645ababcde3df43a79fdeaa3d6a3
eb4e6bd79ab4b2f118e47be3738c6e1ba971cb2edc6e26625f6d306254a157ef
ec19064eae4b9c8ff179af739826328ead4e43a599aac1cdfc759d228fb37e24
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34150af888019516f9f89b26220a4a1bacfe398e566f16d56af199533bf0056
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f55a898cfca0f8e5b60a84d854f30979088f07d698c8f571029596524e04bd9d
fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7
ff66cf7bde270f743f86b2497208db2281f7b8743ad6e678e71f25c9161b525f