urlscan.io logo urlscan.io
SecurityTrails logo

rus.delfi.ee Open in urlscan Pro
185.20.100.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://rus.delfi.ee/
Submission: On May 08 via manual from EE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 18 countries across 127 domains to perform 641 HTTP transactions. The main IP is 185.20.100.194, located in Tallinn, Estonia and belongs to EKSPRESS-DIGITAL, EE. The main domain is rus.delfi.ee.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 30th 2020. Valid for: a year.
This is the only time rus.delfi.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.20.100.194 199328 (EKSPRESS-...)
47 185.20.100.195 199328 (EKSPRESS-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 37.157.2.248 198622 (ADFORM)
35 185.20.100.192 199328 (EKSPRESS-...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 4 51.77.53.76 16276 (OVH)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 52.142.85.218 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 37.157.4.23 198622 (ADFORM)
1 51.144.7.192 8075 (MICROSOFT...)
1 116.202.80.167 24940 (HETZNER-AS)
2 2a03:2880:f10... 32934 (FACEBOOK)
23 23 18.195.54.133 16509 (AMAZON-02)
3 3 188.165.4.142 16276 (OVH)
11 27 37.157.6.252 198622 (ADFORM)
37 49 142.250.74.194 15169 (GOOGLE)
3 3 151.80.63.13 16276 (OVH)
26 35 185.33.221.53 29990 (ASN-APPNEX)
5 5 159.65.197.210 14061 (DIGITALOC...)
4 8 52.49.40.147 16509 (AMAZON-02)
5 5 3.127.51.194 16509 (AMAZON-02)
6 193.200.125.237 43811 (TELIA-LIE...)
2 193.200.125.15 43811 (TELIA-LIE...)
6 65.9.86.127 16509 (AMAZON-02)
8 172.217.23.98 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
6 37.252.161.190 29990 (ASN-APPNEX)
2 185.184.8.30 204995 (RTB-HOUSE...)
1 13 34.98.64.218 15169 (GOOGLE)
2 185.86.138.121 201081 (SMARTADSE...)
4 6 216.52.2.48 29791 (VOXEL-DOT...)
2 213.19.162.41 3356 (LEVEL3)
2 178.250.2.131 44788 (ASN-CRITE...)
2 2.18.232.7 16625 (AKAMAI-AS)
8 22 188.42.191.196 7979 (SERVERS-COM)
15 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
4 5 2620:116:800d... 16509 (AMAZON-02)
7 9 151.101.114.49 54113 (FASTLY)
1 1 81.222.128.214 20597 (ELTEL-AS)
1 1 80.64.106.149 20764 (RASCOM-AS...)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 2.18.235.93 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 6 2001:678:cb4:... 56396 (TURN)
4 4 18.197.133.56 16509 (AMAZON-02)
3 6 159.253.128.183 36351 (SOFTLAYER)
1 1 35.190.0.66 15169 (GOOGLE)
1 51.178.20.140 16276 (OVH)
1 52.208.100.147 16509 (AMAZON-02)
1 54.64.53.220 16509 (AMAZON-02)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 151.101.1.108 54113 (FASTLY)
14 104.111.230.142 16625 (AKAMAI-AS)
9 9 185.29.135.233 30419 (MEDIAMATH...)
11 16 76.223.111.131 16509 (AMAZON-02)
1 1 168.119.127.61 24940 (HETZNER-AS)
4 4 193.232.148.144 48061 (UMA-TECH-AS)
11 11 31.172.81.159 44066 (DE-FIRSTC...)
5 5 31.172.81.158 44066 (DE-FIRSTC...)
2 5.254.23.213 3223 (VOXILITY)
6 69.173.144.138 26667 (RUBICONPR...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
4 2a0c:5c81:513... 55081 (24SHELLS)
5 5 35.186.253.211 15169 (GOOGLE)
2 6 62.149.0.72 15497 (COLOCALL ...)
4 4 89.108.119.43 197695 (AS-REG)
2 2 31.172.81.160 44066 (DE-FIRSTC...)
3 7 2a02:6b8::90 13238 (YANDEX)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
13 2.18.233.180 16625 (AKAMAI-AS)
5 185.64.190.78 62713 (AS-PUBMATIC)
4 4 2606:4700:303... 13335 (CLOUDFLAR...)
4 4 23.79.143.124 16625 (AKAMAI-AS)
3 178.250.2.151 44788 (ASN-CRITE...)
3 213.155.156.180 1299 (TELIANET ...)
1 24 2606:4700:10:... 13335 (CLOUDFLAR...)
3 6 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
15 185.64.190.80 62713 (AS-PUBMATIC)
1 34 185.64.189.110 62713 (AS-PUBMATIC)
7 2a00:1288:110... 34010 (YAHOO-IRD)
2 4 88.99.149.88 24940 (HETZNER-AS)
2 4 2001:6d0:4001... 52016 (TNSMSK-)
2 88.99.242.108 24940 (HETZNER-AS)
3 10 46.249.52.248 50673 (SERVERIUS-AS)
15 16 213.19.147.45 3356 (LEVEL3)
2 2 35.196.115.239 15169 (GOOGLE)
1 2 34.75.21.179 15169 (GOOGLE)
2 2 66.155.71.149 13768 (COGECO-PEER1)
12 46.249.52.249 50673 (SERVERIUS-AS)
9 5.178.65.252 50673 (SERVERIUS-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 9 3.221.146.169 14618 (AMAZON-AES)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 5 168.119.149.178 24940 (HETZNER-AS)
6 178.162.133.149 60781 (LEASEWEB-...)
11 11 18.156.0.31 16509 (AMAZON-02)
2 2 88.214.206.247 46636 (NATCOWEB)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
2 72.251.241.196 29791 (VOXEL-DOT...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 162.55.6.211 24940 (HETZNER-AS)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 198.148.27.140 19189 (PULSEPOINT)
2 169.197.150.7 398989 (DEEPINTENT)
3 185.64.189.114 62713 (AS-PUBMATIC)
2 2 34.205.3.24 14618 (AMAZON-AES)
4 4 66.155.71.25 13768 (COGECO-PEER1)
2 2 34.98.107.212 15169 (GOOGLE)
2 4 185.33.221.89 29990 (ASN-APPNEX)
2 2 54.77.19.59 16509 (AMAZON-02)
6 24 2.18.234.21 16625 (AKAMAI-AS)
4 51.89.9.253 16276 (OVH)
6 8 35.227.248.159 15169 (GOOGLE)
1 2 199.232.137.44 54113 (FASTLY)
1 154.57.158.50 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
4 5 52.30.135.179 16509 (AMAZON-02)
1 3 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.101 24961 (MYLOC-AS ...)
4 11 52.30.14.23 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.58.248.2 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 34.255.31.14 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 54.165.137.101 14618 (AMAZON-AES)
1 2 52.95.123.41 16509 (AMAZON-02)
1 1 23.45.99.241 16625 (AKAMAI-AS)
2 54.76.71.14 16509 (AMAZON-02)
2 82.145.213.8 39832 (NO-OPERA)
2 4 52.46.130.13 16509 (AMAZON-02)
2 2 54.76.226.57 16509 (AMAZON-02)
1 1 54.174.195.234 14618 (AMAZON-AES)
3 185.64.190.81 62713 (AS-PUBMATIC)
2 65.9.73.35 16509 (AMAZON-02)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 51.15.145.115 12876 (Online SAS)
2 208.100.17.187 32748 (STEADFAST)
2 2 3.81.223.233 14618 (AMAZON-AES)
1 35.241.40.233 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
1 151.101.13.44 54113 (FASTLY)
1 38.27.122.126 174 (COGENT-174)
1 2 51.210.112.63 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 1 34.231.187.28 14618 (AMAZON-AES)
1 52.57.150.20 16509 (AMAZON-02)
641 130
1    185.20.100.194 (Tallinn, Estonia)

ASN199328 (EKSPRESS-DIGITAL, EE)
PTR: proxy3.delfi.ee
rus.delfi.ee
47    185.20.100.195 (Tallinn, Estonia)

ASN199328 (EKSPRESS-DIGITAL, EE)
PTR: proxy4.delfi.ee
g.nh.ee
g.delfi.ee
h.delfi.ee
ts.delfi.ee
af1.nh.ee
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
35    185.20.100.192 (Tallinn, Estonia)

ASN199328 (EKSPRESS-DIGITAL, EE)
PTR: proxy1.delfi.ee
g1.nh.ee
1    2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
13    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
scdn.cxense.com
4    51.77.53.76 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: ns31075284.ip-51-77-53.eu
gaee.hit.gemius.pl
2    2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    52.142.85.218 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.delfi.ee
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
18    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
1    51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
1    116.202.80.167 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.167.80.202.116.clients.your-server.de
scomcluster.cxense.com
2    2a03:2880:f106:83:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
23    18.195.54.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
3    188.165.4.142 (France)

ASN16276 (OVH, FR)
green.erne.co
27    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
c1.adform.net
dmp.adform.net
49    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
3    151.80.63.13 (Roubaix, France)

ASN16276 (OVH, FR)
sync.clickonometrics.pl
35    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
5    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
8    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-40-147.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
6    193.200.125.237 (Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 193-200-125-237.cust.interdata.lt
keytarget.adnet.lt
2    193.200.125.15 (Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 193-200-125-15.cust.interdata.lt
banners.adnetmedia.lt
6    65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
intake.pbstck.com
3    2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pbstck.com
intake.pbstck.com
6    37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
prebid.adnxs.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
13    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
adnet-d.openx.net
eu-u.openx.net
us-u.openx.net
2    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
6    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
22    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
15    2606:4700:e0::ac40:6208 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
user-sync.adxpremium.services
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
14    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
9    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
ssp.adriver.ru
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
google-sync.rutarget.ru
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
4    18.197.133.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
6    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.travelaudience.com
1    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
c.eu1.dyntrk.com
1    52.208.100.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.yieldmo.com
1    54.64.53.220 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
cc.adingo.jp
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
14    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    168.119.127.61 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
4    193.232.148.144 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
px.adhigh.net
11    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
5    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
2    5.254.23.213 (Frankfurt am Main, Germany)

ASN3223 (VOXILITY, GB)
cache.betweendigital.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
5    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
6    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
sync.adtelligent.com
4    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
2    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
7    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
3    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
13    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    2606:4700:3033::ac43:dcda (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.rtbsrv.com
4    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
3    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    213.155.156.180 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
24    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
6    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
15    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
34    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
7    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    88.99.149.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3
sync.1dmp.io
4    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
2    88.99.242.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: a02.smtp.rees46.com
api.rees46.com
10    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
sync.e-planning.net
16    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
2    35.196.115.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
kdmp.kbntx.ch
2    34.75.21.179 (North Charleston, United States)

ASN15169 (GOOGLE, US)
sync.dmp.kubient.net
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
12    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
u-ams02.e-planning.net
9    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
2    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
9    3.221.146.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
4    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
pubmatic-match.dotomi.com
5    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
6    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
11    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700:3039::6815:c06d (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de
csync.loopme.me
4    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
4    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
2    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
24    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
8    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    154.57.158.50 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
5    52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
3    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadeu.exelator.com
loadm.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.101 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
11    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
1    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
2    34.255.31.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    54.165.137.101 (United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.76.71.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
t.adx.opera.com
4    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    54.76.226.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    54.174.195.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    65.9.73.35 (United States)

ASN16509 (AMAZON-02, US)
tags.crwdcntrl.net
14    2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
2    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
2    208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
ic.tynt.com
2    3.81.223.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loada.exelator.com
1    34.231.187.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
75 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
183 KB
73 nh.ee
g.nh.ee
g1.nh.ee
af1.nh.ee
2 MB
58 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
305 KB
47 adnxs.com
ib.adnxs.com
prebid.adnxs.com
acdn.adnxs.com
secure.adnxs.com
70 KB
47 adform.net
s1.adform.net
adx.adform.net
cm.adform.net
track.adform.net
c1.adform.net
dmp.adform.net
58 KB
31 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
sync.e-planning.net
37 KB
28 googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
tpc.googlesyndication.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
pagead2.googlesyndication.com
86 KB
28 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
78 KB
28 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
426 KB
24 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
31 KB
24 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
9 KB
24 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
10 KB
23 bidswitch.net
x.bidswitch.net
8 KB
19 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
13 KB
18 openx.net
adnet-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
4 KB
16 adsrvr.org
match.adsrvr.org
7 KB
15 adxpremium.services
rtb.adxpremium.services
user-sync.adxpremium.services
17 KB
14 quantumdex.io
sync.quantumdex.io
7 KB
13 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
28 KB
13 delfi.ee
rus.delfi.ee
g.delfi.ee
h.delfi.ee
s.delfi.ee
ts.delfi.ee
365 KB
12 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
76 KB
11 bumlam.com
sync.bumlam.com
7 KB
10 1rx.io
sync.1rx.io
6 KB
10 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
5 KB
10 mathtag.com
sync.mathtag.com
pixel.mathtag.com
5 KB
9 audrte.com
a.audrte.com
11 KB
9 everesttech.net
sync-tm.everesttech.net
2 KB
8 tapad.com
pixel.tapad.com
3 KB
8 bidr.io
match.prod.bidr.io
4 KB
7 yandex.ru
an.yandex.ru
2 KB
6 sonobi.com
sync.go.sonobi.com
3 KB
6 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
2 KB
6 unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
3 KB
6 semasio.net
uipglob.semasio.net
4 KB
6 simpli.fi
um.simpli.fi
3 KB
6 turn.com
ad.turn.com
r.turn.com
3 KB
6 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
1 KB
6 lijit.com
ap.lijit.com
4 KB
6 pbstck.com
boot.pbstck.com
cdn.pbstck.com
intake.pbstck.com
91 KB
6 adnet.lt
keytarget.adnet.lt
508 KB
5 exelator.com
loadeu.exelator.com
loada.exelator.com
loadm.exelator.com
4 KB
5 demdex.net
dpm.demdex.net
5 KB
5 richaudience.com
sync.richaudience.com
1 KB
5 adsniper.ru
sync3.adsniper.ru
3 KB
5 quantserve.com
cms.quantserve.com
pixel.quantserve.com
2 KB
5 creative-serving.com
ads.creative-serving.com
3 KB
5 bidtheatre.com
match.adsby.bidtheatre.com
3 KB
4 onetag-sys.com
onetag-sys.com
3 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
413 B
4 tns-counter.ru
www.tns-counter.ru
1 KB
4 1dmp.io
sync.1dmp.io
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 rtbsrv.com
dmp.rtbsrv.com
3 KB
4 aidata.io
x01.aidata.io
2 KB
4 adhigh.net
px.adhigh.net
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 criteo.net
static.criteo.net
103 KB
4 googletagservices.com
www.googletagservices.com
126 KB
4 google.com
www.google.com
adservice.google.com
782 B
4 gemius.pl
gaee.hit.gemius.pl
12 KB
4 googleapis.com
fonts.googleapis.com
3 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
935 B
3 taboola.com
trc.taboola.com
match.taboola.com
708 B
3 adition.com
dsp.adfarm1.adition.com
2 KB
3 de17a.com
d5p.de17a.com
402 B
3 connectad.io
cdn.connectad.io
sync-eu.connectad.io
2 KB
3 clickonometrics.pl
sync.clickonometrics.pl
2 KB
3 erne.co
green.erne.co
945 B
3 cxense.com
cdn.cxense.com
scdn.cxense.com
scomcluster.cxense.com
32 KB
2 onaudience.com
pixel.onaudience.com
733 B
2 advangelists.com
nep.advangelists.com
464 B
2 tynt.com
ic.tynt.com
2 cookieless-data.com
js.cookieless-data.com
734 B
2 adroll.com
d.adroll.com
223 B
2 opera.com
t.adx.opera.com
784 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
75 B
2 weborama.fr
idsync.frontend.weborama.fr
844 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 gumgum.com
rtb.gumgum.com
670 B
2 playground.xyz
ads.playground.xyz
729 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 deepintent.com
match.deepintent.com
83 B
2 contextweb.com
bh.contextweb.com
906 B
2 loopme.me
csync.loopme.me
390 B
2 ad4m.at
ad4m.at
1 KB
2 adgrx.com
cm.adgrx.com
816 B
2 admanmedia.com
cs.admanmedia.com
856 B
2 navdmp.com
tag.navdmp.com
8 KB
2 kubient.net
sync.dmp.kubient.net
930 B
2 kbntx.ch
kdmp.kbntx.ch
819 B
2 rees46.com
api.rees46.com
315 B
2 sniperlog.ru
sync3.sniperlog.ru
594 B
2 google.fr
adservice.google.fr
921 B
2 teads.tv
a.teads.tv
492 B
2 smartadserver.com
prg.smartadserver.com
640 B
2 creativecdn.com
prebid-eu.creativecdn.com
348 B
2 adnetmedia.lt
banners.adnetmedia.lt
23 KB
2 facebook.com
www.facebook.com
450 B
2 facebook.net
connect.facebook.net
97 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 eyeota.net
ps.eyeota.net
1 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 bnmla.com
match.bnmla.com
114 B
1 bttrack.com
bttrack.com
380 B
1 brand-display.com
dmp.brand-display.com
253 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
377 B
1 bluekai.com
tags.bluekai.com
346 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
379 B
1 theadex.com
dmp.theadex.com
378 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 rfihub.com
p.rfihub.com
772 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 adingo.jp
cc.adingo.jp
44 B
1 yieldmo.com
ads.yieldmo.com
35 B
1 dyntrk.com
c.eu1.dyntrk.com
215 B
1 travelaudience.com
ads.travelaudience.com
608 B
1 2mdn.net
s0.2mdn.net
396 B
1 media.net
cs.media.net
1 KB
1 adkernel.com
dsp.adkernel.com
233 B
1 rutarget.ru
google-sync.rutarget.ru
581 B
1 adriver.ru
ssp.adriver.ru
342 B
1 cintnetworks.com
c.cintnetworks.com
257 B
1 google.de
www.google.de
107 B
0 clientgear.com Failed
event.clientgear.com Failed
641 127
Domain Requested by
49 cm.g.doubleclick.net 37 redirects rus.delfi.ee
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
eu-u.openx.net
bcp.crwdcntrl.net
35 ib.adnxs.com 26 redirects keytarget.adnet.lt
acdn.adnxs.com
spl.zeotap.com
35 g1.nh.ee rus.delfi.ee
34 simage2.pubmatic.com 1 redirects ads.pubmatic.com
ads.us.e-planning.net
image6.pubmatic.com
28 g.nh.ee rus.delfi.ee
g.nh.ee
23 x.bidswitch.net 23 redirects
22 ads.betweendigital.com 8 redirects rus.delfi.ee
keytarget.adnet.lt
ads.betweendigital.com
18 mwzeom.zeotap.com 1 redirects ads.pubmatic.com
spl.zeotap.com
ads.us.e-planning.net
16 dsum-sec.casalemedia.com 4 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
16 match.adsrvr.org 11 redirects eu-u.openx.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
15 image2.pubmatic.com ads.pubmatic.com
image6.pubmatic.com
15 cm.adform.net 1 redirects rus.delfi.ee
14 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
14 eus.rubiconproject.com keytarget.adnet.lt
eus.rubiconproject.com
cache.betweendigital.com
ads.us.e-planning.net
user-sync.adxpremium.services
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
tpc.googlesyndication.com
13 ads.pubmatic.com user-sync.adxpremium.services
ads.pubmatic.com
ads.us.e-planning.net
13 track.adform.net af1.nh.ee
rus.delfi.ee
12 u-ams02.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
ssum.casalemedia.com
11 ups.analytics.yahoo.com 11 redirects
11 sync.bumlam.com 11 redirects
11 rtb.adxpremium.services keytarget.adnet.lt
s.adtelligent.com
ads.pubmatic.com
ads.us.e-planning.net
10 sync.1rx.io 10 redirects
10 c1.adform.net 9 redirects image6.pubmatic.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.gstatic.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
tpc.googlesyndication.com
rus.delfi.ee
10 af1.nh.ee adx.adform.net
rus.delfi.ee
af1.nh.ee
9 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
9 s.e-planning.net ads.us.e-planning.net
9 sync.mathtag.com 9 redirects
9 sync-tm.everesttech.net 7 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
8 pixel.tapad.com 6 redirects ads.us.e-planning.net
image6.pubmatic.com
8 www.gstatic.com 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
8 securepubads.g.doubleclick.net keytarget.adnet.lt
securepubads.g.doubleclick.net
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
8 match.prod.bidr.io 4 redirects rus.delfi.ee
ads.pubmatic.com
ssum-sec.casalemedia.com
image6.pubmatic.com
7 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
7 an.yandex.ru 3 redirects
7 eu-u.openx.net 1 redirects keytarget.adnet.lt
eu-u.openx.net
7 encrypted-tbn0.gstatic.com 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
7 fonts.gstatic.com fonts.googleapis.com
7 g.delfi.ee rus.delfi.ee
g.delfi.ee
g.nh.ee
6 bcp.crwdcntrl.net 4 redirects ssum.casalemedia.com
tags.crwdcntrl.net
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 sync.go.sonobi.com ads.us.e-planning.net
sync.quantumdex.io
6 uipglob.semasio.net 3 redirects ads.pubmatic.com
6 sync.adtelligent.com 2 redirects s.adtelligent.com
6 token.rubiconproject.com eus.rubiconproject.com
6 um.simpli.fi 3 redirects ads.pubmatic.com
image6.pubmatic.com
6 ap.lijit.com 4 redirects keytarget.adnet.lt
6 prebid.adnxs.com keytarget.adnet.lt
rus.delfi.ee
6 c.amazon-adsystem.com keytarget.adnet.lt
c.amazon-adsystem.com
6 keytarget.adnet.lt rus.delfi.ee
keytarget.adnet.lt
5 sync.crwdcntrl.net bcp.crwdcntrl.net
5 dpm.demdex.net 4 redirects ssum.casalemedia.com
5 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
5 sync.richaudience.com 2 redirects ads.us.e-planning.net
spl.zeotap.com
5 sync.targeting.unrulymedia.com 4 redirects
5 ads.us.e-planning.net 3 redirects user-sync.adxpremium.services
5 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
5 rtb.openx.net 5 redirects
5 sync3.adsniper.ru 5 redirects
5 ad.turn.com 5 redirects
5 ads.creative-serving.com 5 redirects
5 match.adsby.bidtheatre.com 5 redirects
5 adx.adform.net rus.delfi.ee
s1.adform.net
keytarget.adnet.lt
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
4 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
4 onetag-sys.com cache.betweendigital.com
sync.quantumdex.io
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
4 pixel-sync.sitescout.com 4 redirects
4 www.tns-counter.ru 2 redirects
4 sync.1dmp.io 2 redirects
4 visitor.fiftyt.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 dmp.rtbsrv.com 4 redirects
4 x01.aidata.io 4 redirects
4 s.adtelligent.com user-sync.adxpremium.services
4 px.adhigh.net 4 redirects
4 us-u.openx.net eu-u.openx.net
4 pixel.quantserve.com 4 redirects
4 user-sync.adxpremium.services keytarget.adnet.lt
user-sync.adxpremium.services
4 pm.w55c.net 4 redirects
4 static.criteo.net keytarget.adnet.lt
static.criteo.net
4 www.googletagservices.com securepubads.g.doubleclick.net
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
4 gaee.hit.gemius.pl 1 redirects g.nh.ee
gaee.hit.gemius.pl
rus.delfi.ee
4 fonts.googleapis.com rus.delfi.ee
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
3 simage4.pubmatic.com ads.pubmatic.com
3 image4.pubmatic.com ads.pubmatic.com
3 dsp.adfarm1.adition.com 3 redirects
3 d5p.de17a.com ads.pubmatic.com
image6.pubmatic.com
3 dis.criteo.com ads.pubmatic.com
image6.pubmatic.com
3 encrypted-tbn3.gstatic.com 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
3 sync.clickonometrics.pl 3 redirects
3 green.erne.co 3 redirects
3 s.delfi.ee g.nh.ee
rus.delfi.ee
2 loadm.exelator.com 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 nep.advangelists.com 2 redirects
2 ic.tynt.com sync.quantumdex.io
2 js.cookieless-data.com s.e-planning.net
2 tags.crwdcntrl.net s.e-planning.net
2 d.adroll.com 2 redirects
2 t.adx.opera.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 rtb.gumgum.com 2 redirects
2 ads.playground.xyz 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
image6.pubmatic.com
2 bh.contextweb.com 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
image6.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 csync.loopme.me 2 redirects
2 ad4m.at ads.pubmatic.com
image6.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
image6.pubmatic.com
2 cs.admanmedia.com 2 redirects
2 prebid-match.dotomi.com ads.us.e-planning.net
2 tag.navdmp.com ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 sync.dmp.kubient.net 1 redirects
2 kdmp.kbntx.ch 2 redirects
2 api.rees46.com
2 aud.pubmatic.com ads.pubmatic.com
2 cdn.connectad.io user-sync.adxpremium.services
2 sync3.sniperlog.ru 2 redirects
2 cache.betweendigital.com ads.betweendigital.com
2 acdn.adnxs.com keytarget.adnet.lt
2 encrypted-tbn2.gstatic.com 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
2 intake.pbstck.com rus.delfi.ee
2 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.fr securepubads.g.doubleclick.net
2 pixel.rubiconproject.com rus.delfi.ee
keytarget.adnet.lt
2 a.teads.tv keytarget.adnet.lt
2 bidder.criteo.com keytarget.adnet.lt
2 fastlane.rubiconproject.com keytarget.adnet.lt
2 prg.smartadserver.com keytarget.adnet.lt
2 adnet-d.openx.net keytarget.adnet.lt
2 prebid-eu.creativecdn.com keytarget.adnet.lt
2 cdn.pbstck.com boot.pbstck.com
2 boot.pbstck.com keytarget.adnet.lt
2 banners.adnetmedia.lt rus.delfi.ee
2 www.facebook.com rus.delfi.ee
2 www.google.com rus.delfi.ee
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
2 connect.facebook.net g.nh.ee
connect.facebook.net
2 www.google-analytics.com g.nh.ee
2 s1.adform.net rus.delfi.ee
1 ps.eyeota.net
1 sync.ipredictive.com 1 redirects
1 match.bnmla.com image6.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 bttrack.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 p.rfihub.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 gum.criteo.com static.criteo.net
1 cc.adingo.jp 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
1 ads.yieldmo.com 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
1 c.eu1.dyntrk.com 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 r.turn.com rus.delfi.ee
1 s0.2mdn.net 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 dsp.adkernel.com 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
1 google-sync.rutarget.ru 1 redirects
1 ssp.adriver.ru 1 redirects
1 cms.quantserve.com 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
1 encrypted-tbn1.gstatic.com 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
1 scomcluster.cxense.com rus.delfi.ee
1 c.cintnetworks.com rus.delfi.ee
1 ts.delfi.ee rus.delfi.ee
1 www.google.de rus.delfi.ee
1 stats.g.doubleclick.net g.nh.ee
1 scdn.cxense.com g.nh.ee
1 h.delfi.ee rus.delfi.ee
1 cdn.cxense.com rus.delfi.ee
1 rus.delfi.ee
0 event.clientgear.com Failed ads.pubmatic.com
641 198
Subject Issuer Validity Valid
*.rus.delfi.ee
Sectigo RSA Domain Validation Secure Server CA		 2020-12-30 -
2022-01-30		 a year crt.sh
*.nh.ee
Sectigo RSA Domain Validation Secure Server CA		 2020-05-08 -
2021-07-07		 a year crt.sh
*.delfi.ee
Sectigo RSA Domain Validation Secure Server CA		 2020-05-08 -
2021-07-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA		 2020-03-11 -
2021-06-10		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
s.delfi.ee
R3		 2021-02-23 -
2021-05-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.cintnetworks.com
DigiCert SHA2 Secure Server CA		 2020-09-21 -
2021-10-23		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
keytarget.adnet.lt
Sectigo RSA Organization Validation Secure Server CA		 2021-05-06 -
2022-05-06		 a year crt.sh
*.adnetmedia.lt
Sectigo RSA Organization Validation Secure Server CA		 2020-10-28 -
2021-11-07		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
teads.tv
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-07 -
2021-07-07		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
c.eu1.dyntrk.com
R3		 2021-04-11 -
2021-07-10		 3 months crt.sh
*.yieldmo.com
Amazon		 2020-06-23 -
2021-07-23		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2020-12-17 -
2021-06-17		 6 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2020-06-16 -
2021-06-16		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
sync.1dmp.io
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
api.rees46.com
R3		 2021-03-14 -
2021-06-12		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
sync.dmp.kubient.net
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.adx.opera.com
DigiCert SHA2 High Assurance Server CA		 2020-05-18 -
2021-05-26		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh
*.eyeota.net
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh

This page contains 105 frames:

Primary Page: https://rus.delfi.ee/
Frame ID: 00F2FAC72134B762C10AA119A907610C
Requests: 102 HTTP requests in this frame

Frame: https://adx.adform.net/adx/?mid=562979&mkw=channel_vue,channel_rudelfi,channel_frontpage,rudelfi_frontpage,logged_out&mkv=channel:rudelfi,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:rudelfi_001,chn_fp_pos:rudelfi_001&adid=ec5fb8d3-9de2-479f-9ec2-24af01c69b7b
Frame ID: EE215E7FC08CC0863F6658DADF138F55
Requests: 2 HTTP requests in this frame

Frame: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Frame ID: B0B5A9054A1EB69437EA6BAE46833681
Requests: 9 HTTP requests in this frame

Frame: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Frame ID: 6CB91B85BD390D42039D92D74C38CAE1
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/146996/2932089/siteheader.js?bn=45642394;v=1
Frame ID: CF66BED9B8B159030460A499D8B94659
Requests: 16 HTTP requests in this frame

Frame: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Frame ID: C2B7CC2A4669185552B8D66E84CE7DDE
Requests: 40 HTTP requests in this frame

Frame: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Frame ID: 8F6912B9EA96BE6E495FB02E5546D9CE
Requests: 40 HTTP requests in this frame

Frame: https://af1.nh.ee/Banners/Elements/Files/151234/9584833/main/9584833.js?ADFassetID=9584833&bv=771
Frame ID: D3F65D1329B2FA3814ECA90ADBE72DED
Requests: 3 HTTP requests in this frame

Frame: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: D5DFD0879C02EFAE7A190BAAD18F91D7
Requests: 21 HTTP requests in this frame

Frame: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 1DBF19231460986AA9E3D3AF69D15384
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0FBA9D56BFCDF2B00B07E8E5C3F0516E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6377C48F776B4DFE880479091B8EA82C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 506A12FA39F9FA3E6E411AD0F4F4CE5E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 575FE018904E5AB8CB96D7F32D65287A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=rus.delfi.ee
Frame ID: 7DFB68A045C3733C966FED2FA58AFD67
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0C63D455CB1D8F1E83F0019D21C90FE8
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Frame ID: F9EA957FFACE0EDAD1661C81E7606114
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 088809486E92F4F49110759DBF06BA15
Requests: 3 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: A27ABCCB4EB3D505F22EE1B937AFED47
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: F495278EA87A7FD7F5DF4225F262D6AD
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Frame ID: 80C04548AA7AEC762BA6BC8C964A8198
Requests: 7 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: 8B463EC5E7253B16D9C73CA873867D38
Requests: 4 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 7229B56F50E5970FBAF77F22D4307B36
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B9EBCEAB10EB074B6733DA811D385E38
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 64659F9B9DF9357D44233570A9ACA706
Requests: 3 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=952735
Frame ID: 293A371BB167D4BB15543EC8639BD631
Requests: 10 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=848224
Frame ID: 67721410CDEEB5B8556D61DD7B8F56B2
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 7E6E8E2F4D70D67D1816EB8E6F2F3E59
Requests: 4 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 2BBEDCFF8256295B68431770E5035049
Requests: 4 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: F63A2C9BC2735E05065152A6CF4E3469
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 889708DF320FEDB433441737BBD3A174
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: E3E639EEED77520CCA0533DEF92FF908
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: D6DEFBEDABF385E4F04B419F6FE4F527
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 472520D6DCA988F9C4EA985E6DE9E956
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7EDF6A6BD95179AFC72C2B88AB2FFA20
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DA1750C2A630A1BF4E82CC6BC580C2D1
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 05B59BAC125D04D2720AB4CA5F128FD3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 7C486F612C7BE6FB4F7068F459DA5F02
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 02651E00176AF39E31B9EBF0B58CFB44
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 8FE23529723EC3FE66F9767CF9DD52FA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD
Frame ID: 199AA409F5860691A50ADFBC60E13F22
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: 1327C9D4D1F7042DF6BD50FA25A5FAC5
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 0BCE10A7A3FBDE35F33C0D9CE3D84985
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Frame ID: 22BA8ABCA09793EF2F7EC4C3F7996F9D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 11D5DB713CEF9E32E31A4C5EA77A74EB
Requests: 25 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E0A9C3B9A4FFE5A9949D1A483CB16948
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: FD486FF3A548D569252D10DF78F1473A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872775212169361
Frame ID: A645B20B1C57009540E6ED5DB2F28C23
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 8C6BD4AD68F218C2B23F2034B452C44B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 64DA50E404F66A280A316CD9BE81F68D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Frame ID: 4875EBB2A65A2BCC5BF8A98CB7242FAA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XCROD12azIZiNqWNh0naWxY0
Frame ID: 9D5E60257EB021F84C7794F811DE7235
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9415FA447344ACB8404CA2AA0280E4A8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 9A5B0A4DF76F082B3CC7AAD7176CB727
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 98E2EC6FBD5C8EEA61CDE04A62742470
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5wQHaOftU62s&pid=557219
Frame ID: 1482E6371F48C8A862F686CEF92FF1BF
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: C8EC556EECF943D1193D65F82A1A414E
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4e3cd65fa13600ad&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Frame ID: FC0F65EF510073D830AFB276FF1D5269
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Frame ID: 7697236F6965C483A6E1D2FBDC081E8F
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&cmp=0
Frame ID: 689C06A5C45BBA6913D165842FEAF697
Requests: 31 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: CF33E68A59DA9B14371CC08C876E2DF5
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: C82165BF109DE20E20AA598283497270
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 6820EF7432639F659F1629BECC71FE48
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Frame ID: CEE97A627E2D85F76894613F1D6F6B18
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7FCB7C4551E7EDC9AAAC52643DA0ABE7
Requests: 26 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Frame ID: 9E94EADD38AA074B8EF733898AD75340
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=ac3b2234-fc75-4e3a-6a01-9599402b06cb&zdid=1361&cmp=0
Frame ID: 7508A632A3C70C00FE305654A686BB7A
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B28C090109008CAF0DA3630DCD2F4DAF
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 2B4EB5CF497C2CBB8977BA02753F8226
Requests: 8 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
Frame ID: 929B87CDA024FE3ABBD5CC88F16D9866
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: E9B9B5BAD42C6BAD55AF1FD24D81FC74
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: EE3B28B3916F7D8C816D816E37F5D412
Requests: 8 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
Frame ID: 496958A43F8264E02636B61231EDCAC6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 4F7E33AFDF2C8EFBEFE8CB2CDA3267AF
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 71A45F57833C4F9DB295666F413FB94E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 7BEAF93E77F258693EA98282C787BAB4
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 68CC5A6F68A8116C212D7455A4062897
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 9F3E762FB9EDF910D44C58399076D82A
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E4CD00DA77148D2E7077D51C6EB85E47
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: A70FAC26094B6062C6214D9D2FCF2465
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: A80F00416FD150E9DD9881646934FBBB
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Frame ID: D28FEE89A6CEA4FC2CB2ACA0B17D68C4
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: CAB9F692D1A6959F93402B727D3F105D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: A79B01C695DF3506DE5F81B9A2E458F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5kggVWO21LFkHD5&gdpr=0&gdpr_consent=
Frame ID: 77E0440BB0141F268F3F52C4CFD51657
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aFAAAa51QgJP4MWw8-MNt1JmEnI
Frame ID: 8A3FB18F057F084613395ED7FA1CA0AA
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 068E39102ABCC64149AA27AB9199F87B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2D179E90B864B31A674C35C341F75F2
Frame ID: 31F888A5B0F3DE9081254C2343C523B9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Frame ID: 978ABD18185EA369188C545F78D109B7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 079334CF95B2A612DF42268C52A0ACF9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F44B2A197F503DA64802A1CD8203DAD1
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: CBB58C24F3751741363D6064A8523493
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872788105197720
Frame ID: EDC57E4A652FF51C177416C7EC1B2E6E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: EF94BC0FA6AA591CEB750810EF124D0C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5CCF12EFCA8C6E77A56D100B7DF49377
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003
Frame ID: F9F3E6157EEE5DB79807020B5573E117
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90Gzu4AKJ63b6uw5iaMCWxY1
Frame ID: C7D94B5D81BA6CBC5569C2183EC36F23
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: A0207740B19CA5BCC2A88DE15A5BF0AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 8CEFBED8D883AB3962CE290593D618D1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 21F89A97C4FDE9EBA55873E7148C5CDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=pqzgmJI1XDSh&pid=557219
Frame ID: 2A37E67A25F1192300B42D1F62BB9C02
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: EF71B4A0DD517B76F48C0D764AB157AA
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4e3cd65fa13600ad&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46
Frame ID: 3FDF3115C34FB7323680C772844F16AA
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Frame ID: DCCE48BCE65B2C9F53F4B9CFAEC96209
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 95CA8BBA08E0E5678F1A5B92C1B08F49
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

641
Requests

99 %
HTTPS

26 %
IPv6

127
Domains

198
Subdomains

130
IPs

18
Countries

4572 kB
Transfer

10166 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://gaee.hit.gemius.pl/_1620471648643/rexdot.js?l=100&id=zUBFz2NQPZktO8.iOaJ6pcUX38OZi28AdZXobDOoz.3.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Frus.delfi.ee%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=m39lDSMi9cZdKrsPzFDmLeyB5KQib2oeDyVaMJIe.2P.h7&vis=1 HTTP 301
  • https://gaee.hit.gemius.pl/__/_1620471648643/rexdot.js?l=100&id=zUBFz2NQPZktO8.iOaJ6pcUX38OZi28AdZXobDOoz.3.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Frus.delfi.ee%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=m39lDSMi9cZdKrsPzFDmLeyB5KQib2oeDyVaMJIe.2P.h7&vis=1
Request Chain 101
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=adform&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=p9ut4LpaGbbXk3hRzc7PWxY0&ssp=adform HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHMN87l4p9Qly-TfN748zK8&google_cver=1&adform_v=1
Request Chain 103
  • https://sync.clickonometrics.pl/adform/set-cookie?id=8545480290022290403&redirurl=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d12%26adform_pc%3d HTTP 302
  • https://cm.adform.net/pixel?adform_pid=12&adform_pc=215927_317227
Request Chain 104
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=7523440425051550206
Request Chain 105
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ada0ce9-91b4-4935-92d1-c6d7a344f3c2
Request Chain 107
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=adform&gdpr=&gdpr_consent=
Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENN9-gGNRwhASSdUnKqOkik&google_cver=1&adform_v=1
Request Chain 109
  • https://sync.clickonometrics.pl/adform/set-cookie?id=8545480290022290403&redirurl=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d12%26adform_pc%3d HTTP 302
  • https://cm.adform.net/pixel?adform_pid=12&adform_pc=216193_317184
Request Chain 110
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
Request Chain 111
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
Request Chain 113
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=f522abdd-178f-4127-9035-e4fbe2f6d9b0 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=f522abdd-178f-4127-9035-e4fbe2f6d9b0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bcfe04be-3fe6-430f-98a3-b86a280c9126&ssp=adform&expires=30&user_group=5&bsw_param=f522abdd-178f-4127-9035-e4fbe2f6d9b0 HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKUDwiGB6zCEXlIaGJvTwL0&google_cver=1&adform_v=1
Request Chain 115
  • https://sync.clickonometrics.pl/adform/set-cookie?id=8545480290022290403&redirurl=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d12%26adform_pc%3d HTTP 302
  • https://cm.adform.net/pixel?adform_pid=12&adform_pc=227300_316836
Request Chain 116
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
Request Chain 117
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
Request Chain 162
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=6791134491320296&tz=-120&fl=0&rr=direct&s=3734232&bidid=288c7058e09d8ba&transactionid=dc6a5d46-4078-4f32-b362-835af42d2879&auctionid=0912a0db-af44-4f83-8110-52293001686c&cur=EUR&gdprApplies=true HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=6791134491320296&tz=-120&fl=0&rr=direct&s=3734232&bidid=288c7058e09d8ba&transactionid=dc6a5d46-4078-4f32-b362-835af42d2879&auctionid=0912a0db-af44-4f83-8110-52293001686c&cur=EUR&gdprApplies=true&crf=1
Request Chain 178
  • https://ads.betweendigital.com/adjson?sizes=970x250%252C995x300%252C970x90&jst=hb&ord=5650663342989399&tz=-120&fl=0&rr=direct&s=3734231&bidid=309510e36e0a8e9&transactionid=9b05f032-895c-4455-9676-ad3f121e4449&auctionid=77430f16-5535-47b8-8da6-4e92b94e8afc&cur=EUR&gdprApplies=true HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=970x250%252C995x300%252C970x90&jst=hb&ord=5650663342989399&tz=-120&fl=0&rr=direct&s=3734231&bidid=309510e36e0a8e9&transactionid=9b05f032-895c-4455-9676-ad3f121e4449&auctionid=77430f16-5535-47b8-8da6-4e92b94e8afc&cur=EUR&gdprApplies=true&crf=1
Request Chain 195
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
Request Chain 196
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
Request Chain 260
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOyxh_UjzNRa_p3VuAFT4Uw&google_cver=1&google_push=AQvitULykpFWLuwDbhiSnDX9gkrHmmzKsgUDSiTNs8FFKcJuZ3D2MQCtAg0C25108aGNus-POUUH_qLezXMR9YlenrozjwwMv-0y7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOyxh_UjzNRa_p3VuAFT4Uw&google_push=AQvitULykpFWLuwDbhiSnDX9gkrHmmzKsgUDSiTNs8FFKcJuZ3D2MQCtAg0C25108aGNus-POUUH_qLezXMR9YlenrozjwwMv-0y7A
Request Chain 261
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESENs3cFgkVChJSsxpudK62ZY&google_cver=1&google_push=AQvitUL0KwP_xJlZc6uPpJOt5C1K2fXyXM-ThCc5zcVKvOSGP95scOp73QNbTPXzAkneC6-xIDoZQfIlWZzxgC2uRgCsZDYEYXricA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUL0KwP_xJlZc6uPpJOt5C1K2fXyXM-ThCc5zcVKvOSGP95scOp73QNbTPXzAkneC6-xIDoZQfIlWZzxgC2uRgCsZDYEYXricA&google_hm=QW55S0h3U0VHVXB2WHAtYW1OMThYdXc=
Request Chain 262
  • https://google-sync.rutarget.ru/sync?google_gid=CAESELy0a5gLuNaayQyI5dF8b5k&google_cver=1&google_push=AQvitUKBPWr4JEuMrgtAw748OHXxGmN5L9WbVvwNBTfhuvOPSfcLWSCU3ZN49ICdV1Lj5OXty6MoAK94ybnnKCIo2Y0OlwAhB1r4NQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZDdqMTIwUVZiNzJt&google_ula=2046794&google_push=AQvitUKBPWr4JEuMrgtAw748OHXxGmN5L9WbVvwNBTfhuvOPSfcLWSCU3ZN49ICdV1Lj5OXty6MoAK94ybnnKCIo2Y0OlwAhB1r4NQ
Request Chain 264
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKONfvfBKIMu8_nbyfr27P0&google_cver=1&google_push=AQvitULZvU75q5_0UwCLXa0KRRzBTWYVwAG04bte1knzud4cpD4i4NW3PUdqcmwYw_jMLJL1Jb4PcJEtQ40nho7QQle_2U8Z59xoTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&mn_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZvU75q5_0UwCLXa0KRRzBTWYVwAG04bte1knzud4cpD4i4NW3PUdqcmwYw_jMLJL1Jb4PcJEtQ40nho7QQle_2U8Z59xoTQ
Request Chain 267
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFGYLsj-AZHom8yiWaw9AW0&google_cver=1&google_push=AQvitUITucyilXgxW6ocwWJWLUNf0K1mndbfwdEIiiNwmGmoi2m0Jr2TNQV-eZtOOlp04HS2CsZqMs1b-bti2WeIty9TJBZvZjvz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk4MTY4NzgzNDczMTQ0MTAzNw== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFGYLsj-AZHom8yiWaw9AW0&google_cver=1
Request Chain 268
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cver=1&google_push=AQvitUIaPqvSDIklkqQJPtHO9GnlW2P5QhP1hmFD5xHQQcSl8jZIgv9ROOIsXBQ6deNzH7sHe1VeWDAGKvQLUqh-WFufCjLWIPp7 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cver=1&google_push=AQvitUIaPqvSDIklkqQJPtHO9GnlW2P5QhP1hmFD5xHQQcSl8jZIgv9ROOIsXBQ6deNzH7sHe1VeWDAGKvQLUqh-WFufCjLWIPp7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUdkb2tZTTYxTEZrSHc1&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cver=1&google_push=AQvitUIaPqvSDIklkqQJPtHO9GnlW2P5QhP1hmFD5xHQQcSl8jZIgv9ROOIsXBQ6deNzH7sHe1VeWDAGKvQLUqh-WFufCjLWIPp7
Request Chain 269
  • https://um.simpli.fi/gp_match?google_gid=CAESEIHLyeMQGSVMs4sw6K-PM2o&google_cver=1&google_push=AQvitUKf8mw1CVK8_2sHLVbAvP7XIPSkwU2_KVWcEisIVMVKWX5hSMDBxYIiWDWc2R0YijxYTg34Y552LB-rge-KOTO-9erjNxGm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1F786A6BD84D76A516B48834249AD9&google_push=AQvitUKf8mw1CVK8_2sHLVbAvP7XIPSkwU2_KVWcEisIVMVKWX5hSMDBxYIiWDWc2R0YijxYTg34Y552LB-rge-KOTO-9erjNxGm
Request Chain 270
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOpYJCpM2BdaOSgWZebV43I&google_cver=1&google_push=AQvitUI1Spov1rIsvSB7ab79ULZKkJorur75sWuD3nUM7I91na9LPBoS39LdyvS-wfjrj6DFJt_4WQ-hgvU2QTFS6UhFZ1x5sCDm HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=511Mfd2OSSiddGDXsvaByw2&google_push=AQvitUI1Spov1rIsvSB7ab79ULZKkJorur75sWuD3nUM7I91na9LPBoS39LdyvS-wfjrj6DFJt_4WQ-hgvU2QTFS6UhFZ1x5sCDm
Request Chain 288
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Request Chain 291
  • https://ads.betweendigital.com/sspmatch-iframe HTTP 302
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
Request Chain 298
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=14b06096-6f64-4700-9fc3-162def39c554
Request Chain 299
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
Request Chain 300
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3665908147143768479
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICCL25lu0gk68HIjq2ztnw&google_cver=1
Request Chain 304
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=662a6096-6f64-4b00-80a9-611ac97ecd1c
Request Chain 305
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
Request Chain 306
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077501391473957490
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUkpAhlksRW6FthBhhNzz4&google_cver=1
Request Chain 310
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=9c497d83-c0c6-42cf-b0d1-8da5dbde543e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=9c497d83-c0c6-42cf-b0d1-8da5dbde543e HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Request Chain 312
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
Request Chain 313
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8bf2fa182cf8f561da7d3412
Request Chain 314
  • https://sync.bumlam.com/?src=bw1&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNaIBEKgB6X6v7BHrilMMxHptL-8* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjk3tmEBmIkMDRhMTVjODEtYWUyMi01MjgwLTgwY2EtM2M5MWUwNWM1M2Y1ogEQqAHpfq_sEeuKUwzEem0v7w** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjk3tmEBmIkMDRhMTVjODEtYWUyMi01MjgwLTgwY2EtM2M5MWUwNWM1M2Y1ogEQqAHpfq_sEeuKUwzEem0v7w** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
Request Chain 316
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=662889f9-a97e-4d39-ad38-febbb748d72e HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=662889f9-a97e-4d39-ad38-febbb748d72e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=30006527-a637-42be-8eb7-15ad3061b1ce&ssp=between&expires=30&user_group=5&bsw_param=662889f9-a97e-4d39-ad38-febbb748d72e HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Request Chain 317
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
Request Chain 318
  • https://sync.bumlam.com/?src=bw1&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNaIBEKgB5g6v7BHrilMMxHptL-8* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNaIBEKgB6X6v7BHrilMMxHptL-8* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjk3tmEBmIkMDRhMTVjODEtYWUyMi01MjgwLTgwY2EtM2M5MWUwNWM1M2Y1ogEQqAHpfq_sEeuKUwzEem0v7w** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
Request Chain 319
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=42d7ca0490d857002311dbb2
Request Chain 322
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 325
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=between HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=875739026593431141&expires=30&ssp=between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Request Chain 326
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=662889f9-a97e-4d39-ad38-febbb748d72e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=30006527-a637-42be-8eb7-15ad3061b1ce&ssp=between&expires=30&user_group=5&bsw_param=662889f9-a97e-4d39-ad38-febbb748d72e HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Request Chain 329
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
Request Chain 330
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
Request Chain 331
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
Request Chain 333
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
Request Chain 334
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
Request Chain 335
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
Request Chain 336
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=m9YRmPhGU2Q1WG%2BWu0RYVw& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?sign=1912316256 HTTP 302
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
Request Chain 337
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=m9YRmPhGU2Q1WG%2BWu0RYVw& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?sign=1912316256 HTTP 302
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
Request Chain 350
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=E2chmAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcmSvn8 HTTP 302
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=4318781350889431294&mpk=E2chmAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcmSvn8 HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4318781350889431294
Request Chain 351
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bdBWshWvQGKswyauHeUAvQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 358
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 359
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&addseg=12,35,41
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkREMDU2QjItMTVBRi00MDYyLUFDQzMtMjZBRTFERTUwMEJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIeMHEcTJY6tORZZiwAxnxU&google_cver=1
Request Chain 363
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1178f91a-f619-4021-be2b-fd52ea2c0d79
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2077501391473957490
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:662a6096-6f64-4b00-80a9-611ac97ecd1c&gdpr=0&gdpr_consent=
Request Chain 366
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4318781350889431294&gdpr=0&gdpr_consent=
Request Chain 372
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
Request Chain 373
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
Request Chain 374
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/848224 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/848224
Request Chain 375
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/952735 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/952735
Request Chain 376
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=IcqXZAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9Fci4Elh HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdmp.rtbsrv.com%2Fdmp%2Fprofiles%2Fcm%2Fap%2FgetId%3Fgid%3D%2524UID%26mpk%3DIcqXZAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9Fci4Elh HTTP 302
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=4075677591857000862&mpk=IcqXZAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9Fci4Elh HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4075677591857000862
Request Chain 379
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Request Chain 380
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/88d67dc6-6b82-4308-b475-8146225334a2?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/88d67dc6-6b82-4308-b475-8146225334a2?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/88d67dc6-6b82-4308-b475-8146225334a2?zcc=1&dspret=0&cb=1620471655150 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Request Chain 381
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30 HTTP 302
  • https://kdmp.kbntx.ch/sync?from=bidswitch&user=8c063509-5413-4a8a-9e0a-134731244d6c HTTP 302
  • https://kdmp.kbntx.ch/sync?from=bidswitch&user=8c063509-5413-4a8a-9e0a-134731244d6c&cb=1 HTTP 302
  • https://sync.dmp.kubient.net/match/bvid3kevgpikn2gm1d80?id=04b0a7ac-50a2-44d8-9251-0d798d15dff3 HTTP 302
  • https://sync.dmp.kubient.net/match/bvid3kevgpikn2gm1d80?id=04b0a7ac-50a2-44d8-9251-0d798d15dff3&chk=1
Request Chain 382
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4e3cd65fa13600ad HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
Request Chain 383
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7719293512 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7719293512 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b83adcd0-448d-40af-9582-ee27546db375 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Request Chain 387
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e3cd65fa13600ad%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e3cd65fa13600ad%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
Request Chain 391
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4e3cd65fa13600ad HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 392
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4e3cd65fa13600ad%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rxspta9E2uEnRQa4iKrxREmQELfDHg__vQ84n7o-~A
Request Chain 395
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4e3cd65fa13600ad%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
Request Chain 397
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBanhMsWO--41ILBR5i06gY&google_cver=1
Request Chain 405
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b82e3e12-87e9-4d90-82b8-6d7ea657a111
Request Chain 406
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1278699865142767615
Request Chain 407
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd1d6096-6f67-4700-8805-4175781ba553&gdpr=0&gdpr_consent=
Request Chain 410
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4075677591857000862&gdpr=0&gdpr_consent=
Request Chain 411
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872775212169361
Request Chain 412
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCLXpVN0JMTjhBQUNyaHF2M1B4Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 414
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1332262949 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b82e3e12-87e9-4d90-82b8-6d7ea657a111 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Request Chain 415
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XCROD12azIZiNqWNh0naWxY0
Request Chain 417
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 418
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 419
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5wQHaOftU62s&pid=557219
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TwaJVVMETfWzjmycd_ftqw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TwaJVVMETfWzjmycd_ftqw%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 424
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 425
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&addseg=12,35,41
Request Chain 426
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwNjg5NTUtNTMwNC00REY1LUIzOEUtNkM5Qzc3RjdFREFC&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwNjg5NTUtNTMwNC00REY1LUIzOEUtNkM5Qzc3RjdFREFC&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 428
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hxPmSHxE2uXgqXKP4CMXhuKREAQXxkM-~A&gdpr=0&gdpr_consent=
Request Chain 429
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX
Request Chain 430
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=QMrhEHsVRmFGJtdVMhUU01JmEnI&user_group=1&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88d67dc6-6b82-4308-b475-8146225334a2&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 431
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9165409399064587149&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 432
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YJZvZwAA1YDoMwA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvZwAA1YDoMwA4&gdpr=0&gdpr_consent=&_test=YJZvZwAA1YDoMwA4
Request Chain 433
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c82ee408-5ea4-49f6-b65d-f0d305e1c354&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 435
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 436
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
Request Chain 437
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_acff90b5-7082-42d5-acba-e18e5aa8b6ae
Request Chain 438
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPsMWOCOUGM7IFHk7RzMWSM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 443
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 445
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b82e3e12-87e9-4d90-82b8-6d7ea657a111&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 449
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=264827c8-cae0-48a2-aa06-4fdc758788c3&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 450
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=31722095302884908381593485583478235126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 452
  • https://bn01.er.bemail.it/zeotap.php?_bid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021050813-64792-0.870120001620471662-1fb3a0b384e408e9750d8e093170d1bc&zdid=533&env=mWeb
Request Chain 453
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6959872775212955793&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 454
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2f43fd45-9bdf-4d62-4265-c5bdb18185df HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2f43fd45-9bdf-4d62-4265-c5bdb18185df
Request Chain 455
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2f43fd45-9bdf-4d62-4265-c5bdb18185df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2f43fd45-9bdf-4d62-4265-c5bdb18185df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361&bounce=1&random=1885245305 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=8tFIrrDdvzy3C.DOxhZuh.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 457
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2f43fd45-9bdf-4d62-4265-c5bdb18185df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2f43fd45-9bdf-4d62-4265-c5bdb18185df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=6a45e6f7ce5a6930e3bd10a88a9c29e2&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 458
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-BPg5su1E2opuIRM2zzlxqMUQylslPlx9Pw--~A&zpartnerid=570&env=mWeb
Request Chain 459
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3qhONQL5KXY28bUsTPW3wzPeydFqDgfC%2BS41iYitP1U%3D
Request Chain 463
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJZvZwAA1YDoMwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 464
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=bd1d6096-6f67-4700-8805-4175781ba553&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Request Chain 465
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OG57RotV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2f43fd45-9bdf-4d62-4265-c5bdb18185df
Request Chain 466
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&dcc=t
Request Chain 467
  • https://tags.bluekai.com/site/87734?id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 470
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F04a15c81-ae22-5280-80ca-3c91e05c53f5&crf=1 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5?redir-setuniq=1
Request Chain 472
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4e3cd65fa13600ad HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
Request Chain 473
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2095%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5393033283 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2095/no-consent?zcc=0&sspret=1&rndcb=5393033283 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&dc=1079cc634ca638f8&iss=1
Request Chain 477
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e3cd65fa13600ad%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
Request Chain 481
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4e3cd65fa13600ad HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 482
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4e3cd65fa13600ad%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Request Chain 485
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4e3cd65fa13600ad%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
Request Chain 486
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 489
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Request Chain 498
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJZvZ80QyA1irCm.eMbIEwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1&google_hm=2
Request Chain 499
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
Request Chain 501
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB&dcc=t
Request Chain 502
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Request Chain 503
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152
Request Chain 504
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2D179E90B864B31A674C35C341F75F2&gdpr=1
Request Chain 505
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
Request Chain 509
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB&dcc=t
Request Chain 510
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJZvZzpmm15rPtf4R1AlJQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1
Request Chain 511
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJZvZzpmm15rPtf4R1AlJQAA%261164 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJZvZzpmm15rPtf4R1AlJQAA%261164
Request Chain 512
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
Request Chain 514
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d1be5269-3a11-4d8a-8837-e730dce13408&expiration=1652007656
Request Chain 520
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
Request Chain 525
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
Request Chain 528
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
Request Chain 529
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
Request Chain 530
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Request Chain 531
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
Request Chain 532
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
Request Chain 538
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
Request Chain 539
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
Request Chain 540
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Request Chain 541
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
Request Chain 542
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
Request Chain 551
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
Request Chain 552
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
Request Chain 553
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0dffafec-fdda-4b05-a77c-75dc3a84db96 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0dffafec-fdda-4b05-a77c-75dc3a84db96&C=1
Request Chain 560
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
Request Chain 561
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
Request Chain 562
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 564
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef86a02d-c6d9-43f2-8241-4a1352553e46 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef86a02d-c6d9-43f2-8241-4a1352553e46&C=1
Request Chain 571
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 572
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 573
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5kggVWO21LFkHD5&gdpr=0&gdpr_consent=
Request Chain 574
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aFAAAa51QgJP4MWw8-MNt1JmEnI
Request Chain 576
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2D179E90B864B31A674C35C341F75F2
Request Chain 578
  • https://pixel.onaudience.com/?partner=214&mapped=4F068955-5304-4DF5-B38E-6C9C77F7EDAB HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6faeef553e2f4b51e588ae56d7c69604
Request Chain 579
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd1d6096-6f67-4700-8805-4175781ba553
Request Chain 580
  • https://loadm.exelator.com/load/?p=204&g=71&buid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 581
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ac34dbde-afec-11eb-97e8-53ce79fe8ad3&gdpr=0&gdpr_consent=
Request Chain 583
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F04a15c81-ae22-5280-80ca-3c91e05c53f5 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5
Request Chain 590
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFOYSMymf4yLJt597iYdJsE&google_cver=1
Request Chain 592
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64082a3e-862e-47dd-9e72-794a06de6253
Request Chain 593
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2913961354282342544
Request Chain 594
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&gdpr=0&gdpr_consent=
Request Chain 597
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937023020763147763&gdpr=0&gdpr_consent=
Request Chain 598
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41
Request Chain 599
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872788105197720
Request Chain 600
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUlFFN0JMTjhBQUNzUFpyazRnQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 601
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8ce03d24-5884-4171-ae50-6e2d2b3a7b1f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 602
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 604
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5289461148 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/64082a3e-862e-47dd-9e72-794a06de6253 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003
Request Chain 605
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90Gzu4AKJ63b6uw5iaMCWxY1
Request Chain 606
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
Request Chain 608
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 609
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_52383a0e-87a9-4f21-8d98-61373b7b4202
Request Chain 610
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 611
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=pqzgmJI1XDSh&pid=557219
Request Chain 614
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s0o3pcDHTO6o_aKCTFjsRg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 616
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 617
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&addseg=12,35,41
Request Chain 618
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjM0QTM3QTUtQzBDNy00Q0VFLUE4RkQtQTI4MjRDNThFQzQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 620
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jqJtpeFE2uUo6so899a0zX7RSlwQBSU-~A&gdpr=0&gdpr_consent=
Request Chain 621
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=67a1941c-1054-47d1-921a-db0dc58be5d0
Request Chain 622
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8675937608704289677&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 623
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YJZvbQAAvKbEKABg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvbQAAvKbEKABg&gdpr=0&gdpr_consent=&_test=YJZvbQAAvKbEKABg
Request Chain 626
  • https://bcp.crwdcntrl.net/5/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Request Chain 629
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent=&google_gid=CAESELTSpugPrKckG1CR7GRbf9E&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 630
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=2913961354282342544 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESELTSpugPrKckG1CR7GRbf9E&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=8miT3WzeqZiRDSAxA8y95V8NQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 632
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Request Chain 633
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6a45e6f7ce5a6930e3bd10a88a9c29e2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=15034018809588788571144267388814401893
Request Chain 634
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJZvbQAAvKbEKABg
Request Chain 635
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6a45e6f7ce5a6930e3bd10a88a9c29e2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36
Request Chain 636
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=41d06096-6f6d-4b00-ba1d-a7251ea4b9f1
Request Chain 639
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=2913961354282342544

641 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rus.delfi.ee/ 		485 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.194 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy3.delfi.ee
Software
DWS /
Resource Hash
f42cf69c31cc8195800a5221d5034eb70df955bc2cd75a2934fd00bdc9cd73de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
rus.delfi.ee
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

etag
"792b0-7C6MqdME3k0F2GHaNnMtz5ZFd/s"
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
date
Sat, 08 May 2021 10:59:56 GMT
x-envoy-upstream-service-time
311
server
DWS
age
50
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
97842
runtime.141879.js
g.nh.ee/m/portal-root/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/runtime.141879.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
ebaacd0f5a22f262245f3fd2c3ff3d02db1b6584186db4e6f7ae95026b5df2bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"2777960802"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
2236
expires
Fri, 11 Jun 2021 08:00:57 GMT
app.141879.js
g.nh.ee/m/portal-root/commons/ 		213 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/commons/app.141879.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
db3172da9234e21da35c00314879e1cfd00980a851ba10c07946d053f5fbd4a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"3172512657"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
73260
expires
Fri, 11 Jun 2021 08:00:57 GMT
app.141879.css
g.nh.ee/m/portal-root/vendors/ 		71 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/vendors/app.141879.css
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
1c8d17033a2163e1a8664efa1afc8673f836de87e1a091b12501ec939f99a030
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"3172220722"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
9497
expires
Fri, 11 Jun 2021 08:00:57 GMT
app.141879.js
g.nh.ee/m/portal-root/vendors/ 		975 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/vendors/app.141879.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
4ae5ba9b20c6882a5620d61fbfb1890bd4691d0ed533ee0c65f68d6561a34d35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"614097808"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
246963
expires
Fri, 11 Jun 2021 08:00:57 GMT
app.141879.css
g.nh.ee/m/portal-root/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/app.141879.css
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
16ac60e9013f5aa19a12e7295ebfe1b360d669f5ceded4ae23e38f0b51617d00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"2905887091"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1512
expires
Fri, 11 Jun 2021 08:00:57 GMT
app.141879.js
g.nh.ee/m/portal-root/ 		271 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/app.141879.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
c2aa490fd2935bc02e8eac297a35c1bcc80d1ff4ca53ddf0682581b00ed9ff00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"567852896"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
55519
expires
Fri, 11 Jun 2021 08:00:57 GMT
AdFormSiteheader.141879.css
g.nh.ee/m/portal-root/adForm/ 		279 B
421 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/adForm/AdFormSiteheader.141879.css
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
56428705248cf08b0cd89a498cc2a1f5c48122491ab3e39c2794afb4c3594f7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"2696172048"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
181
expires
Fri, 11 Jun 2021 08:00:57 GMT
AdFormSiteheader.141879.js
g.nh.ee/m/portal-root/adForm/ 		1 KB
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/adForm/AdFormSiteheader.141879.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
142e5269373cf4b3c704c5fde74a45d13f7442c9344179d24b18a1a7c35deeb8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10789
etag
"882135297"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
576
expires
Fri, 11 Jun 2021 08:00:57 GMT
Frontpage.141879.css
g.nh.ee/m/portal-root/page/ 		2 KB
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Frontpage.141879.css
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
3f386caac01bdd2c7a548b3f8aee9dade06b3c2d211fef6c5a1ea8f098dcdbcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10786
etag
"2643742978"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
551
expires
Fri, 11 Jun 2021 08:00:58 GMT
Frontpage.141879.js
g.nh.ee/m/portal-root/page/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Frontpage.141879.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
f0423785dd9cd1e572ad2bf6dd1a358b0bdc3d33a7c892eab0c1a625faf84d58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:01 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10786
etag
"903099168"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
3692
expires
Fri, 11 Jun 2021 08:00:59 GMT
inter.css
g.delfi.ee/portalcore/fonts/inter/ 		5 KB
953 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/portalcore/fonts/inter/inter.css
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
6b80602adff90338777660352c19a01224ee11ee235dd49ebcd908bf7f3e1a09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 09:53:59 GMT
content-encoding
gzip
last-modified
Sat, 11 Jul 2020 07:51:23 GMT
server
DWS
age
4008
etag
"3191651057"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
714
expires
Tue, 04 May 2021 09:50:53 GMT
css2
fonts.googleapis.com/ 		7 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c853b97d55b8135ca740f3d14ffb477b378b0ff0f10301e85492f268c7e8f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 May 2021 09:09:35 GMT
server
ESF
date
Sat, 08 May 2021 11:00:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 May 2021 11:00:47 GMT
css
fonts.googleapis.com/ 		8 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700,900
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb5a11a3853ece18e16cda10777c9817a570e96dd1808cef1cc3b2208ad99f8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 May 2021 09:30:25 GMT
server
ESF
date
Sat, 08 May 2021 11:00:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 May 2021 11:00:47 GMT
core-main-scss.141879.css
g.nh.ee/m/portal-root/ 		120 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/core-main-scss.141879.css
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
4657cb2e2ed49bbdcef2bcdf9c6c63bc97328f244ae8642cba8104958bd1eb13
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:07 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10780
etag
"2635625781"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
18554
expires
Fri, 11 Jun 2021 08:01:02 GMT
/
g.delfi.ee/scms/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=j
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
39235861d9bc9a21651d032048c05298d7018a1a70de913b10fd48902e0cd339
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:41 GMT
content-encoding
gzip
last-modified
Wed, 25 Nov 2015 13:19:47 GMT
server
DWS
age
5
etag
"pub1448457587;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
33447
expires
Sat, 08 May 2021 11:30:41 GMT
adx.js
s1.adform.net/banners/scripts/ 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
339915a320943d2d72b50b87a44a03dd5945df0e720619199ec003af5a7a82a9

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:47 GMT
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 09:07:34 GMT
server
nginx
etag
W/"60585e56-e7c1"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
/
g.delfi.ee/scms/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=afp.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
0ea1668f6f404eb9bb7582e8ce3378ddb87d02f4d6e7d2ae346769bbd5cb5aed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:17 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 07:57:34 GMT
server
DWS
age
10770
etag
"pub1618905454;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
11402
expires
Sat, 08 May 2021 08:31:17 GMT
/
g.delfi.ee/scms/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=topbar
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
128fe826f7377e487b7bf20d8a42b8f6c5acdb47def31508215d4e2a92a4e3a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:02 GMT
content-encoding
gzip
last-modified
Thu, 19 Dec 2019 07:46:40 GMT
server
DWS
age
44
etag
"pub1576741600;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1288
expires
Sat, 08 May 2021 11:30:02 GMT
c.js
g1.nh.ee/js/ 		698 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1.nh.ee/js/c.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
859ca09d35e47fed4262ed3230d408da83dc76731555d4a22663f8f54ab61b60
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 09:39:28 GMT
content-encoding
gzip
last-modified
Thu, 13 Sep 2018 07:36:30 GMT
server
DWS
age
4879
etag
"4244656298"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
430
expires
Tue, 04 May 2021 09:37:14 GMT
track_banners_init.js
cdn.cxense.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/track_banners_init.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bd50e622cfd440f45c5b074bcc1ee6194bc8e30cf39f83b2c17ccfe36b6ab30d

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Apr 2021 14:18:51 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4567
Expires
Sat, 08 May 2021 12:00:47 GMT
delfi.svg
h.delfi.ee/g/l/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.delfi.ee/g/l/svg/delfi.svg
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
52036e323fca4d2cb6f0fee2d99bc0cff78cda2dfdded17e8280d92fc833e73c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:47:10 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 08:24:55 GMT
server
DWS
age
817
etag
"2693043295"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1686
expires
Tue, 13 Apr 2021 09:50:52 GMT
Q2GBIW_bublik_1_1.svg
g1.nh.ee/wd/f/15223/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/15223/Q2GBIW_bublik_1_1.svg
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
9f7497004bed56a136c5aed08783fcbb013ad0c4e8b724bcdd49468ec241e914
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:22:32 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 07:18:10 GMT
server
DWS
age
2295
etag
"1579988575"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1465
expires
Tue, 11 May 2021 07:18:19 GMT
2ACTZA_jana_1.svg
g1.nh.ee/wd/f/15220/ 		1 KB
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/15220/2ACTZA_jana_1.svg
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
b35d8536a51dfe47f15c95aa5cdd29221754a4aa5ada9f72d244554b4ba4d0ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:23:05 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 07:18:42 GMT
server
DWS
age
2262
etag
"1338816295"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
649
expires
Tue, 11 May 2021 07:18:57 GMT
XESFAP_dekor_1_1.svg
g1.nh.ee/wd/f/15226/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/15226/XESFAP_dekor_1_1.svg
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
b419adf767e47c16583e61f38e6b2cdbc4c784e619526ba8ac05a22cf2ced1ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:06:51 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 07:19:08 GMT
server
DWS
age
3236
etag
"1376565093"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
2838
expires
Tue, 11 May 2021 07:19:21 GMT
I97YK4_turist_1_1.svg
g1.nh.ee/wd/f/15227/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/wd/f/15227/I97YK4_turist_1_1.svg
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
35289b2857834083283f46b25ef37a6a2ddfb6e27682926d67bc4b10b05285ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:06:51 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 07:19:42 GMT
server
DWS
age
3236
etag
"3727472389"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
2394
expires
Tue, 11 May 2021 07:19:55 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rus.delfi.ee
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 03:28:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
age
545559
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37056
x-xss-protection
0
expires
Mon, 02 May 2022 03:28:09 GMT
Inter-SemiBold.woff2
g.delfi.ee/portalcore/fonts/inter/ 		105 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/portalcore/fonts/inter/Inter-SemiBold.woff2?v=3.11
Requested by
Host: g.delfi.ee
URL: https://g.delfi.ee/portalcore/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
e9bb1331830a18e2504d966f1fa931e711cad726e454722f324d63534cec97d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Origin
https://rus.delfi.ee
Referer
https://g.delfi.ee/portalcore/fonts/inter/inter.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:59:50 GMT
last-modified
Fri, 28 Feb 2020 08:54:54 GMT
server
DWS
age
57
etag
"592170781"
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
107184
expires
Tue, 04 May 2021 09:50:52 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v3/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44dad9f4b5fa756012db12dae57c0c691e2ab717639956bdac4f308b58174c35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rus.delfi.ee
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:46:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:29:05 GMT
server
sffe
age
173661
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17016
x-xss-protection
0
expires
Fri, 06 May 2022 10:46:27 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rus.delfi.ee
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:43:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:34 GMT
server
sffe
age
155824
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
expires
Fri, 06 May 2022 15:43:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rus.delfi.ee
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
206236
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 06 May 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700,900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rus.delfi.ee
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 00:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
384517
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 04 May 2022 00:12:11 GMT
Inter-MediumItalic.woff2
g.delfi.ee/portalcore/fonts/inter/ 		110 KB
110 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/portalcore/fonts/inter/Inter-MediumItalic.woff2?v=3.11
Requested by
Host: g.delfi.ee
URL: https://g.delfi.ee/portalcore/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
67502858bb2ea92e12d56fe4a8105d418e5d67307b70d7f611b55d13c3e9c91a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Origin
https://rus.delfi.ee
Referer
https://g.delfi.ee/portalcore/fonts/inter/inter.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:41 GMT
last-modified
Fri, 28 Feb 2020 08:54:54 GMT
server
DWS
age
6
etag
"1665853321"
strict-transport-security
max-age=15552000
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=3024000
accept-ranges
bytes
content-length
112320
expires
Tue, 04 May 2021 09:50:52 GMT
bmw-auto-avarii-juht-kaed-naine-roolis-ohtlik-rool-roolis-rullnokk-soi-91908173.jpg
g1.nh.ee/images/pix/1264x711/6A4fBM3Wv7w/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/1264x711/6A4fBM3Wv7w/bmw-auto-avarii-juht-kaed-naine-roolis-ohtlik-rool-roolis-rullnokk-soi-91908173.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
947ca71cb65ed87a6441fd9bf355f16d172b70319b714d96383ba012519ff3e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:40:02 GMT
server
DWS
age
1245
etag
"e8d7049f78f05753d0b691f812eed4ad"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
content-transfer-encoding
binary
accept-ranges
bytes
x-serve-method
resize
content-length
86025
expires
Sat, 12 Jun 2021 10:40:02 GMT
rahandusminister-keit-pentus-rosimannus-reformierakond-93267201.jpg
g1.nh.ee/images/pix/588x331/vNRAhkT8GAU/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/588x331/vNRAhkT8GAU/rahandusminister-keit-pentus-rosimannus-reformierakond-93267201.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
f79b1fc394de95d8e7865fa5d1c6315ea504b6e8fce3ad29c5f7ed34a0c07467
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:38:47 GMT
last-modified
Sat, 08 May 2021 09:39:29 GMT
server
DWS
age
1320
etag
"1661181201"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
25697
expires
Sat, 12 Jun 2021 10:38:47 GMT
ltkh-covid-19-covid-19-osakond-koroona-93290449.jpg
g1.nh.ee/images/pix/282x188/FF_kHb5vJkM/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/FF_kHb5vJkM/ltkh-covid-19-covid-19-osakond-koroona-93290449.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
4d948e70c21745d88e856f422b051ce7b2fbbbc6bd5efd5863b7cf3662bcaa30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:31:58 GMT
last-modified
Sat, 08 May 2021 07:37:14 GMT
server
DWS
age
1729
etag
"3078724012"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
13205
expires
Sat, 12 Jun 2021 10:31:58 GMT
euro-eurod-hoius-intress-kogumine-kupuur-kupuurid-majandus-majandusabi-93185059.jpg
g1.nh.ee/images/pix/282x188/IPM19genpQw/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/IPM19genpQw/euro-eurod-hoius-intress-kogumine-kupuur-kupuurid-majandus-majandusabi-93185059.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
a70df2bb078a5cb256f58843867a8f4b93127bce23de81df688ace162e10a30e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:22:10 GMT
last-modified
Sat, 08 May 2021 06:21:19 GMT
server
DWS
age
2317
etag
"2225975954"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
20264
expires
Sat, 12 Jun 2021 10:22:10 GMT
276d560939fea03f5b-93350865.jpg
g1.nh.ee/images/pix/282x188/6At85FfuBDQ/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/6At85FfuBDQ/276d560939fea03f5b-93350865.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
bed69f80ab711225d0313ddc486466fa58a5109d26cef8208ac31128e435e6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:43:18 GMT
last-modified
Sat, 08 May 2021 08:03:34 GMT
server
DWS
age
1049
etag
"2548455772"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
16183
expires
Sat, 12 Jun 2021 10:43:18 GMT
arkadi-babtsenko-arkady-babchenko-93355563.jpg
g1.nh.ee/images/pix/843x474/OCo-KpC_k4U/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/843x474/OCo-KpC_k4U/arkadi-babtsenko-arkady-babchenko-93355563.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
0fff8ae566092346fb77fad159453e1b95f0a51f0e79fcbf378440275ede0891
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:40:02 GMT
last-modified
Sat, 08 May 2021 09:40:04 GMT
server
DWS
age
1246
etag
"3468653717"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
45916
expires
Sat, 12 Jun 2021 10:40:02 GMT
leedu-lipp-87076141.jpg
g1.nh.ee/images/pix/384x216/VFKKh6PMKcY/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/384x216/VFKKh6PMKcY/leedu-lipp-87076141.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
4921e948e84aafabbdfdd3d14f16ec9027ed437123ad306a8fe750e8404b5296
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:32:52 GMT
last-modified
Sat, 08 May 2021 09:33:58 GMT
server
DWS
age
1675
etag
"2158830536"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
13562
expires
Sat, 12 Jun 2021 10:32:52 GMT
d3ad16087d4713bb4a-93260789.jpg
g1.nh.ee/images/pix/384x216/x46osEJd5gU/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/384x216/x46osEJd5gU/d3ad16087d4713bb4a-93260789.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
e869425f84628a92310f015b32f64e2e388df4e87aaf7974a5360dad1b11cca0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:24:06 GMT
last-modified
Sat, 08 May 2021 10:24:01 GMT
server
DWS
age
2201
etag
"3501812596"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
27919
expires
Sat, 12 Jun 2021 10:24:06 GMT
07e61609651d4774b2-93369283.jpg
g1.nh.ee/images/pix/882x496/KDExp18hFuo/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/882x496/KDExp18hFuo/07e61609651d4774b2-93369283.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
e5a259085a34b5a95c2cff2cdda597cfcda9317e2a1274c407a0e9d9b3e4af46
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:12:14 GMT
last-modified
Sat, 08 May 2021 08:57:38 GMT
server
DWS
age
2913
etag
"3493318396"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
90138
expires
Sat, 12 Jun 2021 10:12:14 GMT
b25e66096207debfe9-93367965.jpg
g1.nh.ee/images/pix/882x496/dk_KSYasEYs/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/882x496/dk_KSYasEYs/b25e66096207debfe9-93367965.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
28131019a1aed19cc5a181385a4e6579fbc9c3680bc7040ff559fb5ad5c10160
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:49:46 GMT
last-modified
Sat, 08 May 2021 06:00:08 GMT
server
DWS
age
661
etag
"3532182399"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
111941
expires
Sat, 12 Jun 2021 10:49:46 GMT
baeb76095242c82c9f-93363325.jpg
g1.nh.ee/images/pix/588x331/SfUWGxY9_cU/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/588x331/SfUWGxY9_cU/baeb76095242c82c9f-93363325.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
53f771c08b2b15be6cfacf6070b6e7972034169688dd62d8bf84b8ddb5f58ccf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:12:14 GMT
last-modified
Sat, 08 May 2021 09:26:55 GMT
server
DWS
age
2913
etag
"784721543"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
26508
expires
Sat, 12 Jun 2021 10:12:14 GMT
sole-tanava-onnetus-93368201.jpg
g1.nh.ee/images/pix/384x216/W6fF5h_bEAA/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/384x216/W6fF5h_bEAA/sole-tanava-onnetus-93368201.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
77e6628996cfb92462cbf1c30bc1c3706b7d8f28d7e27249dc46e29f171eac7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:56:07 GMT
last-modified
Sat, 08 May 2021 05:51:50 GMT
server
DWS
age
280
etag
"3393829930"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
22745
expires
Sat, 12 Jun 2021 10:56:07 GMT
raabisefestival-kala-peipsi-toit-raabis-raabisepaike-87739335.jpg
g1.nh.ee/images/pix/384x216/bXHxD8r6p9g/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/384x216/bXHxD8r6p9g/raabisefestival-kala-peipsi-toit-raabis-raabisepaike-87739335.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
72c3f8669452c5797aae34a2422357887246d347f969b679c8ee610cb51cc97f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:27:48 GMT
last-modified
Sat, 08 May 2021 10:27:48 GMT
server
DWS
age
1979
etag
"603700140"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
23191
expires
Sat, 12 Jun 2021 10:27:48 GMT
c921c6094da9a4a53d-93359899.jpg
g1.nh.ee/images/pix/282x188/ZeQtK3B0mNs/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/ZeQtK3B0mNs/c921c6094da9a4a53d-93359899.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
d7b663b8df441e7cbe2c21d80026cebeb77521bf57fc92eb8808ba64f0842117
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:12:07 GMT
last-modified
Sat, 08 May 2021 07:30:53 GMT
server
DWS
age
2920
etag
"3673580275"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
20293
expires
Sat, 12 Jun 2021 10:12:07 GMT
6a8a86096659e2b4f5-93369569.jpg
g1.nh.ee/images/pix/282x188/aFAgb6DcRYI/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/aFAgb6DcRYI/6a8a86096659e2b4f5-93369569.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
8800a7262c59a4379d211b4c92c7fc9e6457b20dd8f789bb1567e25b3134a8c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:27:44 GMT
server
DWS
age
1983
etag
"64c2775974dae6356f139fad95c0a6a0"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
content-transfer-encoding
binary
accept-ranges
bytes
x-serve-method
resize
content-length
17703
expires
Sat, 12 Jun 2021 10:27:44 GMT
5jpg-93365035.jpg
g1.nh.ee/images/pix/282x188/jKHepIBPXBM/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/jKHepIBPXBM/5jpg-93365035.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
7049a4f7cd4ce721bc6e92da994bfabc27107d487da15d691a935738f46bda83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:44:40 GMT
last-modified
Sat, 08 May 2021 04:27:01 GMT
server
DWS
age
967
etag
"3971985022"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
7271
expires
Sat, 12 Jun 2021 10:44:40 GMT
0jpg-93367701.jpg
g1.nh.ee/images/pix/282x188/5loyRXZ8mSA/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/282x188/5loyRXZ8mSA/0jpg-93367701.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
a3d48bb55bc67b907afb049d2b099399b322d0a3c07720ced8e1265ce9433b48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:41:07 GMT
last-modified
Sat, 08 May 2021 10:07:41 GMT
server
DWS
age
1180
etag
"227628852"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
11740
expires
Sat, 12 Jun 2021 10:41:07 GMT
a43a4609525bd85d44-93363423.jpg
g1.nh.ee/images/pix/588x331/HDk_Qwg2MMc/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/588x331/HDk_Qwg2MMc/a43a4609525bd85d44-93363423.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
3a2d20dcd7536c8e369c08a10b81dafe9098409037ae99d06aa9ebbbd2d4819c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:27:48 GMT
last-modified
Sat, 08 May 2021 06:24:57 GMT
server
DWS
age
1979
etag
"294587545"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
53187
expires
Sat, 12 Jun 2021 10:27:48 GMT
robert-rooba-93367153.jpg
g1.nh.ee/images/pix/384x216/KqJqvopSIMk/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/384x216/KqJqvopSIMk/robert-rooba-93367153.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
f8719beea235e716e72ddf39b7ff770a3bdc05815cabbb114cdb47295c547698
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:39:47 GMT
last-modified
Sat, 08 May 2021 08:28:51 GMT
server
DWS
age
1260
etag
"480987782"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
21805
expires
Sat, 12 Jun 2021 10:39:47 GMT
693ef60963d024ae31-93368751.jpg
g1.nh.ee/images/pix/384x216/mYtdU5N0InE/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/384x216/mYtdU5N0InE/693ef60963d024ae31-93368751.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
4fbeb6fbabfa0fd481759f0ed24b0bf85e51d495c3a64b9d66ee7b2c338f48bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:40:02 GMT
last-modified
Sat, 08 May 2021 07:55:18 GMT
server
DWS
age
1245
etag
"2275747257"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
10407
expires
Sat, 12 Jun 2021 10:40:02 GMT
f384760952d120873c-93363859.jpg
g1.nh.ee/images/pix/423x282/FQRTfpFu3pU/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/FQRTfpFu3pU/f384760952d120873c-93363859.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
92c1ee9a534a15c6c3a2a99829b0c6de0ef955462a218ca909cf4f67ad68e8ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:24:38 GMT
last-modified
Sat, 08 May 2021 09:23:31 GMT
server
DWS
age
2169
etag
"1329483344"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
19317
expires
Sat, 12 Jun 2021 10:24:38 GMT
c111460950c39d79fd-93362093.jpg
g1.nh.ee/images/pix/423x282/xAiZGiPMmwc/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/xAiZGiPMmwc/c111460950c39d79fd-93362093.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
06877648c2d272535d9ae8ed5a8312e5226585df9cd882d5b8a472d842f4b8c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:59:51 GMT
last-modified
Sat, 08 May 2021 07:16:16 GMT
server
DWS
age
56
etag
"1242393506"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
24886
expires
Sat, 12 Jun 2021 10:59:51 GMT
a95f46094f1fc779af-93360881.jpg
g1.nh.ee/images/pix/423x282/-hevZcAm09A/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/-hevZcAm09A/a95f46094f1fc779af-93360881.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
69b793a3d82cceda306dc810d00dc03aa14d70500fd24aacc8fc7662227ee478
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:24:38 GMT
last-modified
Sat, 08 May 2021 05:38:58 GMT
server
DWS
age
2169
etag
"2791151267"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
18670
expires
Sat, 12 Jun 2021 10:24:38 GMT
b0a5860951f03eb8f5-93363031.jpg
g1.nh.ee/images/pix/423x282/vKk-aMklsz8/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/vKk-aMklsz8/b0a5860951f03eb8f5-93363031.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
02e39f03b9ffadb65751b0c2e1a21c45ecd0f8f5c053f5aa8152593983b20efa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:35:07 GMT
last-modified
Sat, 08 May 2021 09:35:12 GMT
server
DWS
age
1540
etag
"2960953817"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
22535
expires
Sat, 12 Jun 2021 10:35:07 GMT
65dab609521a846c46-93363231.jpg
g1.nh.ee/images/pix/423x282/C1CYIiPY-K4/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/C1CYIiPY-K4/65dab609521a846c46-93363231.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
b4adb62c23ad29be1013ad4144ac8c32954c91ef3064dc9e2e86bbb42e0bdb7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:54:44 GMT
last-modified
Sat, 08 May 2021 06:56:10 GMT
server
DWS
age
364
etag
"2671156794"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
23492
expires
Sat, 12 Jun 2021 10:54:44 GMT
41cec60869e2962436-93248577.jpg
g1.nh.ee/images/pix/423x282/DeDhJJEC4OY/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/DeDhJJEC4OY/41cec60869e2962436-93248577.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
ff2176156ba8f5fde87635106f0a5c2d6552c21b2ef64702c3398cfc73a992dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:17 GMT
last-modified
Sat, 08 May 2021 04:52:37 GMT
server
DWS
age
210
etag
"1511036061"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
46576
expires
Sat, 12 Jun 2021 10:57:17 GMT
88bf66094cdabb1abd-93359549.jpg
g1.nh.ee/images/pix/423x282/OW6EVQeOJbk/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/OW6EVQeOJbk/88bf66094cdabb1abd-93359549.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
f0211f93e9da6cc77049fc3229d82ce0a7062c364436c1ba6cdb62caf2ec19e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:59:50 GMT
last-modified
Sat, 08 May 2021 09:29:48 GMT
server
DWS
age
57
etag
"2906659504"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
26554
expires
Sat, 12 Jun 2021 10:59:50 GMT
tallinn-kinnisvara-kinnisvara-arendus-kortermajad-kraana-korghooned-pi-93130527.jpg
g1.nh.ee/images/pix/423x282/Him6jjGj4bs/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/Him6jjGj4bs/tallinn-kinnisvara-kinnisvara-arendus-kortermajad-kraana-korghooned-pi-93130527.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
e92a3f6e17de0a7383624e68abbb54cb1220433eb52bf49620c9dcf712f57717
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:55:48 GMT
last-modified
Sat, 08 May 2021 08:04:21 GMT
server
DWS
age
299
etag
"2512052961"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
32703
expires
Sat, 12 Jun 2021 10:55:48 GMT
0167b6087efb621759-93263371.jpg
g1.nh.ee/images/pix/423x282/GruVRO4zgGM/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/images/pix/423x282/GruVRO4zgGM/0167b6087efb621759-93263371.jpg?up=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
5482679067ff6c29ed682e7934c95d68eca4ff7e5aec02c40521b489600bdaf2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:49:52 GMT
last-modified
Sat, 08 May 2021 10:26:25 GMT
server
DWS
age
655
etag
"408614456"
strict-transport-security
max-age=15552000
content-type
image/jpeg
cache-control
max-age=3024000
accept-ranges
bytes
x-serve-method
cache
content-length
43524
expires
Sat, 12 Jun 2021 10:49:52 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/app.141879.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2036
date
Sat, 08 May 2021 10:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 08 May 2021 12:26:52 GMT
portal-root-ru_EE-json.141879.js
g.nh.ee/m/portal-root/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/portal-root-ru_EE-json.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
50a907e94825e4a66e1eb49a5c9ae14c3a1fb657ff19db0fab6e6f917997f736
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10779
etag
"3119788800"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
3856
expires
Fri, 11 Jun 2021 08:01:03 GMT
portal-core-ru_EE-json.141879.js
g.nh.ee/m/portal-root/ 		275 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/portal-core-ru_EE-json.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
71ad120eb004fef8f4e3674c15965e6aacc6131cf393df7dbf19fee7f3f0b0de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10779
etag
"2704560656"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
236
expires
Fri, 11 Jun 2021 08:01:03 GMT
portal-paywall-ru_EE-json.141879.js
g.nh.ee/m/portal-root/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/portal-paywall-ru_EE-json.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
030162818cc7b10740e08b77756409adb852f00485ecb982db2780874198e97f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10778
etag
"2851361077"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1252
expires
Fri, 11 Jun 2021 08:01:03 GMT
portal-login-ru_EE-json.141879.js
g.nh.ee/m/portal-root/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/portal-login-ru_EE-json.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
340424479ff46b66df4cf2aabeca2a63e6c8ec6bb2cd56ead896a706dc4599bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10778
etag
"2905887029"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1150
expires
Fri, 11 Jun 2021 08:01:03 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=726864560&t=pageview&_s=1&dl=https%3A%2F%2Frus.delfi.ee%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Delfi%20RUS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=783568002&gjid=514921014&cid=1024484637.1620471648&tid=UA-4729238-1&_gid=1316551624.1620471648&_r=1&_slc=1&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=rus.delfi.ee&cd7=ru&cd8=Online%20vaade&cd9=&cd10=&cd11=logged%20out&cd12=&cd13=logged%20out&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&z=1545309015
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/vendors/app.141879.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cx.js
scdn.cxense.com/ 		113 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/app.141879.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1e5e7339a9b9859bb83c3e0361a2c7f1d8dd38e627b4245c13710bcc873da853

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 10:40:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27200
Expires
Sat, 08 May 2021 12:00:48 GMT
/
g.delfi.ee/scms/ 		471 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.delfi.ee/scms/?g=t
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/app.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
46bfcc499b55652cd794cfe8e7cedf8c301f90784055eda4cc5ff77e1b2c8c98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:44 GMT
content-encoding
gzip
last-modified
Thu, 13 Sep 2018 07:36:30 GMT
server
DWS
age
3
etag
"pub1536824190;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
324
expires
Sat, 08 May 2021 11:30:44 GMT
xgemius.js
gaee.hit.gemius.pl/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaee.hit.gemius.pl/xgemius.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/app.141879.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.77.53.76 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns31075284.ip-51-77-53.eu
Software
GHC /
Resource Hash
4e3adb0a2835be8dea6165a54ba56f5ae144048dc0fe9b3846e0deafb0bf5e1d

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 11:13:20 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
10548
expires
Sat, 08 May 2021 23:00:48 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/app.141879.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
hkDsq9xuDhfHGILtETVJM1rlVQn+frFOEzCZs39BdNZ8FMYgT7UI4UIz3mX15xPlGt6fz0z3aJY12oCBbN/KmQ==
x-fb-trip-id
1425083115
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 08 May 2021 11:00:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
t.js
s.delfi.ee/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.delfi.ee/t.js?instanced
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/app.141879.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.142.85.218 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
tracker /
Resource Hash
034759a545e372f8668347d5b9c8c6f1b32f6fed8249ff6df729ffb019e0aaf0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
server
tracker
etag
"gz+A0dZpUXjcvhmg0fVucjG8bMvb+2CSf9t9yn/sBngqvA="
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
content-length
3763
HeaderSitemap.141879.css
g.nh.ee/m/portal-root/header/ 		59 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/header/HeaderSitemap.141879.css
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
c0a425428b89621c7b01a0d441290bcca9cb2952f1a931e11706d411074ab600
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:59 GMT
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10788
etag
"723234005"
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=3024000
accept-ranges
bytes
content-length
59
expires
Fri, 11 Jun 2021 08:00:58 GMT
HeaderSitemap.141879.js
g.nh.ee/m/portal-root/header/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/header/HeaderSitemap.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
36b9047813e6f481703f856ead5a9b02c9f46153c804c38ca315aaccd154c9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:59 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10788
etag
"2836681074"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
2554
expires
Fri, 11 Jun 2021 08:00:58 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4729238-1&cid=1024484637.1620471648&jid=783568002&gjid=514921014&_gid=1316551624.1620471648&_u=aEBAAEAAEAAAAC~&z=423372370
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/vendors/app.141879.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 08 May 2021 11:00:48 GMT
content-type
text/plain
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4729238-1&cid=1024484637.1620471648&jid=783568002&_u=aEBAAEAAEAAAAC~&z=1048269939
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4729238-1&cid=1024484637.1620471648&jid=783568002&_u=aEBAAEAAEAAAAC~&z=1048269939
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1884980121754918
connect.facebook.net/signals/config/ 		254 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1884980121754918?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d5b913017774579b8e0649bd6e50621b4caad3526e89d3f11f0ab5687744fe3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74312
x-fb-rlafr
0
pragma
public
x-fb-debug
sE9taykOlWfeV26uuCdd30N29h+cVF9yW4ci4HuNs0ZkuOSsSTTmocZIfkFqpxC5lbJj7JuLUOSWbqwWkEVIJw==
x-frame-options
DENY
date
Sat, 08 May 2021 11:00:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
_d
ts.delfi.ee/ 		43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts.delfi.ee/_d?s=rus&u=https%3A//rus.delfi.ee/&h=&r=&t=1620471648538
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
DWS
age
0
strict-transport-security
max-age=15552000
content-type
image/gif
cache-control
post-check=0, must-revalidate, no-store, no-cache, pre-check=0
accept-ranges
bytes
content-length
43
expires
0
csc-event
s.delfi.ee/ 		37 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.delfi.ee/csc-event?p=0%3Akofmzacq%3AyEOzrw2XbkKjV5h~~lulcvwha_yqaQUP&s=0%3Akofmzacq%3A2jM942KI8dsZweDrKr2EIa9VvXNQYgs0&v=0%3A844SS3ZFy8ucS58LSfn58lY59eyHL8Xr&e=0%3A1SDnsshJ5YIV7GsTED21jl~aDc3GzEHA0&c=kofmzacv&n=t&f=t&l=https%3A%2F%2Frus.delfi.ee%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&a=none&x=-1sr4y7
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.142.85.218 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
tracker /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
tracker
etag
"6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate
content-length
37
expires
Fri, 14 Apr 1995 11:30:00 GMT
csc-event
s.delfi.ee/ 		37 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.delfi.ee/csc-event?p=0%3Akofmzacq%3AyEOzrw2XbkKjV5h~~lulcvwha_yqaQUP&s=0%3Akofmzacq%3A2jM942KI8dsZweDrKr2EIa9VvXNQYgs0&v=0%3AXbqzGz_~l8QJYOKJM7I3VEmy4CyoPFAY&e=0%3AyoBe3eHEJFFk0GDUdi1~0yEhnpwEEXLY0&c=kofmzacy&n=f&f=f&l=https%3A%2F%2Frus.delfi.ee%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&a=none&x=syka36
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.142.85.218 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
tracker /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
tracker
etag
"6b3edc43-20ec-4078-bc47-e965dd76b88a"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate
content-length
37
expires
Fri, 14 Apr 1995 11:30:00 GMT
fpdata.js
gaee.hit.gemius.pl/ 		277 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaee.hit.gemius.pl/fpdata.js?href=rus.delfi.ee
Requested by
Host: gaee.hit.gemius.pl
URL: https://gaee.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.77.53.76 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns31075284.ip-51-77-53.eu
Software
GHC /
Resource Hash
6e67b2fe28f343e9e8d31f0a817790dd5d30b670b78385b09132106002989f05

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:48 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Mon, 07 Jun 2021 11:00:48 GMT
/
adx.adform.net/adx/ Frame EE21 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=562979&mkw=channel_vue,channel_rudelfi,channel_frontpage,rudelfi_frontpage,logged_out&mkv=channel:rudelfi,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:rudelfi_001,chn_fp_pos:rudelfi_001&adid=ec5fb8d3-9de2-479f-9ec2-24af01c69b7b
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fd51eae6991722ff2a2f91a9ee18b305de316d3841963b850f4f44470b591060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1203
expires
-1
/
c.cintnetworks.com/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/?a=2495&i=224&id=cxense_224:kofmzad5iofz74z2
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:48 GMT
Arr-Disable-Session-Affinity
true
Cache-Control
no-cache, no-store, must-revalidate
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
rep.gif
scomcluster.cxense.com/Repo/ 		43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kofmzad7fhg3uf9s&sid=1145189970857384309&loc=https%3A%2F%2Frus.delfi.ee%2F&new=0&arf=0&ltm=1620471648571&ref=&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kofmzad8omclg8bj&ckp=kofmzad5iofz74z2&glb=&wsz=1600x1200&cp_channel=rudelfi&cp_platform=Online%20vaade
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.80.167 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.167.80.202.116.clients.your-server.de
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:48 GMT
server
Jetty(9.4.28.v20200408)
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
content-type
image/gif
/
www.facebook.com/tr/ 		44 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1884980121754918&ev=PageView&dl=https%3A%2F%2Frus.delfi.ee%2F&rl=&if=false&ts=1620471648602&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620471648600.1907176129&it=1620471648537&coo=false&exp=l0&rqm=GET
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 08 May 2021 11:00:48 GMT
/
adx.adform.net/adx/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTQzNTYxMiZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9ydWRlbGZpLGNoYW5uZWxfZnJvbnRwYWdlLHJ1ZGVsZmlfZnJvbnRwYWdlLGxvZ2dlZF9vdXQmbWt2PWNoYW5uZWw6cnVkZWxmaSxuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOnJ1ZGVsZmlfMDAxLGNobl9mcF9wb3M6cnVkZWxmaV8wMDE&bWlkPTQ1MTQzNCZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9ydWRlbGZpLGNoYW5uZWxfZnJvbnRwYWdlLHJ1ZGVsZmlfZnJvbnRwYWdlLGxvZ2dlZF9vdXQmbWt2PWNoYW5uZWw6cnVkZWxmaSxuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOnJ1ZGVsZmlfMDAxLGNobl9mcF9wb3M6cnVkZWxmaV8wMDE&bWlkPTk1NDg5NSZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9ydWRlbGZpLGNoYW5uZWxfZnJvbnRwYWdlLHJ1ZGVsZmlfZnJvbnRwYWdlLGxvZ2dlZF9vdXQmbWt2PWNoYW5uZWw6cnVkZWxmaSxuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOnJ1ZGVsZmlfMDAxLGNobl9mcF9wb3M6cnVkZWxmaV8wMDE&bWlkPTk1NDg5NiZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9ydWRlbGZpLGNoYW5uZWxfZnJvbnRwYWdlLHJ1ZGVsZmlfZnJvbnRwYWdlLGxvZ2dlZF9vdXQmbWt2PWNoYW5uZWw6cnVkZWxmaSxuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOnJ1ZGVsZmlfMDAxLGNobl9mcF9wb3M6cnVkZWxmaV8wMDE&bWlkPTk1NDg5MiZta3c9Y2hhbm5lbF92dWUsY2hhbm5lbF9ydWRlbGZpLGNoYW5uZWxfZnJvbnRwYWdlLHJ1ZGVsZmlfZnJvbnRwYWdlLGxvZ2dlZF9vdXQmbWt2PWNoYW5uZWw6cnVkZWxmaSxuZXR3b3JrOjRnLHNjcmVlbl93aWR0aDoxNjAwLHNjcmVlbl9oZWlnaHQ6MTIwMCxsb2NhbGU6ZXRfRUUscG9zaXRpb246cG9zXzAwMSxjaG5fcG9zOnJ1ZGVsZmlfMDAxLGNobl9mcF9wb3M6cnVkZWxmaV8wMDE&adid=ec5fb8d3-9de2-479f-9ec2-24af01c69b7b&url=https%3A%2F%2Frus.delfi.ee%2F&callback=_adform_cb_1620471648609_8541003083785113
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ca4f1d4eaa6c11f7cda505e0fd68a1da43a50c39d79e7828de1cb2578c1af918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3580
expires
-1
Category.141879.css
g.nh.ee/m/portal-root/page/ 		55 B
269 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Category.141879.css
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
6b9f95f4fbb15d9fa44fb88e47f3e4639523c6f631ef46b6ad59866d2bbe1fa0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:00 GMT
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10788
etag
"3944459477"
strict-transport-security
max-age=15552000
content-type
text/css
cache-control
max-age=3024000
accept-ranges
bytes
content-length
55
expires
Fri, 11 Jun 2021 08:00:58 GMT
Category.141879.js
g.nh.ee/m/portal-root/page/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Category.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
d04730ea1ae5f8ffe3a2fa915a4d851c92f204e6917ae2425e47da61eac618b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:00 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10788
etag
"2962502517"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
5102
expires
Fri, 11 Jun 2021 08:00:58 GMT
Tag.141879.css
g.nh.ee/m/portal-root/page/ 		448 B
469 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Tag.141879.css
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
ce3ed7453ce7992665c50f0be1a2ffb1d60a0e8ce5711b00be67b134278fbedb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10779
etag
"2895401491"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
229
expires
Fri, 11 Jun 2021 08:01:06 GMT
Tag.141879.js
g.nh.ee/m/portal-root/page/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Tag.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
c5a0ab86e2728f213526a8ccb95aaf1a4a3519420e63e1e049c535fed642b2dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:01:09 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10778
etag
"1018450213"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1661
expires
Fri, 11 Jun 2021 08:01:06 GMT
ArticleBase.141879.js
g.nh.ee/m/portal-root/page/ 		297 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/ArticleBase.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
f62a26affd4ea87eaa28955c9d923bd34172af63cda5b6648d176442b2067ec8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10790
etag
"2574537232"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
233
expires
Fri, 11 Jun 2021 08:00:57 GMT
Issue.141879.js
g.nh.ee/m/portal-root/vendors/page/Article/page/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/vendors/page/Article/page/Issue.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
05e54ef038fd76d4b5ee2e108748918a711501b466e5c0795ec9104ec2011861
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:57 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10790
etag
"689197459"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
2832
expires
Fri, 11 Jun 2021 08:00:57 GMT
Issue.141879.css
g.nh.ee/m/portal-root/page/Article/page/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Article/page/Issue.141879.css
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
26930b7c44aa767a32b5d610cbe5dd0e275ef6ffce8f6e53257d98569242abbe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:57 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10790
etag
"500446037"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
2778
expires
Fri, 11 Jun 2021 08:00:57 GMT
Issue.141879.js
g.nh.ee/m/portal-root/page/Article/page/ 		76 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Article/page/Issue.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
5074aa22f9638ceb6a58ab55d0098e73e72ae2700287a74f23eb2cb91e601557
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:57 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10790
etag
"630472544"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
18520
expires
Fri, 11 Jun 2021 08:00:57 GMT
Article.141879.js
g.nh.ee/m/portal-root/page/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/Article.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
3415d8e36b5eb74a39b9148c0de41f66d07bd88fafde42ca0f3d1edbe903585a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:58 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10790
etag
"2962510114"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
1470
expires
Fri, 11 Jun 2021 08:00:57 GMT
ArticleComments.141879.css
g.nh.ee/m/portal-root/page/ 		2 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/ArticleComments.141879.css
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
d3ab6c541c0d2ab76b7dc0ed0c60dca7649eb87fb3cfde8b6f503d442f276a8d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:59 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10788
etag
"2578731313"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
687
expires
Fri, 11 Jun 2021 08:00:59 GMT
ArticleComments.141879.js
g.nh.ee/m/portal-root/page/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.nh.ee/m/portal-root/page/ArticleComments.141879.js
Requested by
Host: g.nh.ee
URL: https://g.nh.ee/m/portal-root/runtime.141879.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
eb5ada54a1da47d3bcfc18d4e9e4e7c8e798efd987eb210c03e6f2bc80e81673
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 08:00:59 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 07:59:28 GMT
server
DWS
age
10788
etag
"1035219745"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3024000
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
3849
expires
Fri, 11 Jun 2021 08:00:59 GMT
rexdot.js
gaee.hit.gemius.pl/__/_1620471648643/
Redirect Chain
  • https://gaee.hit.gemius.pl/_1620471648643/rexdot.js?l=100&id=zUBFz2NQPZktO8.iOaJ6pcUX38OZi28AdZXobDOoz.3.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Frus.delf...
  • https://gaee.hit.gemius.pl/__/_1620471648643/rexdot.js?l=100&id=zUBFz2NQPZktO8.iOaJ6pcUX38OZi28AdZXobDOoz.3.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Frus.d...
167 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaee.hit.gemius.pl/__/_1620471648643/rexdot.js?l=100&id=zUBFz2NQPZktO8.iOaJ6pcUX38OZi28AdZXobDOoz.3.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Frus.delfi.ee%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=m39lDSMi9cZdKrsPzFDmLeyB5KQib2oeDyVaMJIe.2P.h7&vis=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.77.53.76 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns31075284.ip-51-77-53.eu
Software
GHC /
Resource Hash
583ecebd31065a02c5a0fa9fd30c5392428e96773035178b63e534f208efc217

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
167
expires
Fri, 07 May 2021 11:00:48 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1620471648643/rexdot.js?l=100&id=zUBFz2NQPZktO8.iOaJ6pcUX38OZi28AdZXobDOoz.3.I7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Frus.delfi.ee%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=m39lDSMi9cZdKrsPzFDmLeyB5KQib2oeDyVaMJIe.2P.h7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Fri, 07 May 2021 11:00:48 GMT
adx.js
af1.nh.ee/banners/scripts/ Frame EE21 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/banners/scripts/adx.js
Requested by
Host: adx.adform.net
URL: https://adx.adform.net/adx/?mid=562979&mkw=channel_vue,channel_rudelfi,channel_frontpage,rudelfi_frontpage,logged_out&mkv=channel:rudelfi,network:4g,screen_width:1600,screen_height:1200,locale:et_EE,position:pos_001,chn_pos:rudelfi_001,chn_fp_pos:rudelfi_001&adid=ec5fb8d3-9de2-479f-9ec2-24af01c69b7b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
339915a320943d2d72b50b87a44a03dd5945df0e720619199ec003af5a7a82a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 09:52:56 GMT
content-encoding
gzip
vary
Accept-Encoding
age
4071
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
content-length
23896
last-modified
Mon, 22 Mar 2021 09:07:52 GMT
server
DWS
etag
W/"60585e68-e7c1"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
bootstrap.js
af1.nh.ee/stoat/626/af1.nh.ee/ Frame B0B5 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
2ad1e94146442c51e50b7cda1da6fa5fe2f09f62bf15ffc1404bbdeb3e50db8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 01:31:08 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
DWS
age
34180
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
strict-transport-security
max-age=15552000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
16664
expires
Sun, 09 May 2021 05:17:48 GMT
pixel
cm.adform.net/ Frame B0B5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=adform&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=p9ut4LpaGbbXk3hRzc7PWxY0&ssp=adform
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

location
//cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
date
Sat, 08 May 2021 11:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/ Frame B0B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm=&google_sc=&google_tc=
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHMN87l4p9Qly-TfN748zK8&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHMN87l4p9Qly-TfN748zK8&google_cver=1&adform_v=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHMN87l4p9Qly-TfN748zK8&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame B0B5
Redirect Chain
  • https://sync.clickonometrics.pl/adform/set-cookie?id=8545480290022290403&redirurl=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d12%26adform_pc%3d
  • https://cm.adform.net/pixel?adform_pid=12&adform_pc=215927_317227
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=12&adform_pc=215927_317227
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/pixel?adform_pid=12&adform_pc=215927_317227
pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx
content-type
text/html; charset=UTF-8
pixel
cm.adform.net/ Frame B0B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=7523440425051550206
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=7523440425051550206
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:48 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.42:80
AN-X-Request-Uuid
e3c03efd-9328-4bf0-a4c8-71fc6b92b2ae
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=7523440425051550206
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame B0B5
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ada0ce9-91b4-4935-92d1-c6d7a344f3c2
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ada0ce9-91b4-4935-92d1-c6d7a344f3c2
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0ada0ce9-91b4-4935-92d1-c6d7a344f3c2
Date
Sat, 08 May 2021 11:00:48 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
bootstrap.js
af1.nh.ee/stoat/626/af1.nh.ee/ Frame 6CB9 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
2ad1e94146442c51e50b7cda1da6fa5fe2f09f62bf15ffc1404bbdeb3e50db8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 01:31:08 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
DWS
age
34180
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
strict-transport-security
max-age=15552000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
16664
expires
Sun, 09 May 2021 05:17:48 GMT
bidswitch
match.prod.bidr.io/cookie-sync/ Frame 6CB9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=adform&gdpr=&gdpr_consent=
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=adform&gdpr=&gdpr_consent=
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-40-147.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=adform&gdpr=&gdpr_consent=
date
Sat, 08 May 2021 11:00:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/ Frame 6CB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm=&google_sc=&google_tc=
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENN9-gGNRwhASSdUnKqOkik&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENN9-gGNRwhASSdUnKqOkik&google_cver=1&adform_v=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESENN9-gGNRwhASSdUnKqOkik&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 6CB9
Redirect Chain
  • https://sync.clickonometrics.pl/adform/set-cookie?id=8545480290022290403&redirurl=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d12%26adform_pc%3d
  • https://cm.adform.net/pixel?adform_pid=12&adform_pc=216193_317184
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=12&adform_pc=216193_317184
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/pixel?adform_pid=12&adform_pc=216193_317184
pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx
content-type
text/html; charset=UTF-8
pixel
cm.adform.net/ Frame 6CB9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:48 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid
28df6da7-ce53-4faf-9075-5d6c4d1167b1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame 6CB9
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
Date
Sat, 08 May 2021 11:00:48 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
siteheader.js
s1.adform.net/Banners/Elements/Files/146996/2932089/ Frame CF66 		811 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/146996/2932089/siteheader.js?bn=45642394;v=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5797691548eb8ee126ca300c213860aac9a5c967f1066e301cffc03aa13e060e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
last-modified
Tue, 27 Feb 2018 13:10:46 GMT
server
nginx
etag
W/"5a9558d6-32b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame CF66
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=f522abdd-178f-4127-9035-e4fbe2f6d9b0
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adform&bsw_custom_parameter=f522abdd-178f-4127-9035-e4fbe2f6d9b0
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bcfe04be-3fe6-430f-98a3-b86a280c9126&ssp=adform&expires=30&user_group=5&bsw_param=f522abdd-178f-4127-9035-e4fbe2f6d9b0
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

location
//cm.adform.net/pixel?adform_pid=3&adform_pc=f522abdd-178f-4127-9035-e4fbe2f6d9b0&adform_v=1
date
Sat, 08 May 2021 11:00:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.adform.net/ Frame CF66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm=&google_sc=&google_tc=
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKUDwiGB6zCEXlIaGJvTwL0&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKUDwiGB6zCEXlIaGJvTwL0&google_cver=1&adform_v=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEKUDwiGB6zCEXlIaGJvTwL0&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame CF66
Redirect Chain
  • https://sync.clickonometrics.pl/adform/set-cookie?id=8545480290022290403&redirurl=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d12%26adform_pc%3d
  • https://cm.adform.net/pixel?adform_pid=12&adform_pc=227300_316836
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=12&adform_pc=227300_316836
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/pixel?adform_pid=12&adform_pc=227300_316836
pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx
content-type
text/html; charset=UTF-8
pixel
cm.adform.net/ Frame CF66
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
26a5b130-96de-4ca8-8fbc-3c21bb138aeb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=8721297867726870223
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame CF66
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
accept-ranges
bytes
etag
"5784fa70-2b"
content-length
43
content-type
image/gif

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=a2a29598-1255-4591-aa16-a633d027a1db
Date
Sat, 08 May 2021 11:00:49 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2998
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
bootstrap.js
af1.nh.ee/stoat/626/af1.nh.ee/ Frame CF66 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
2ad1e94146442c51e50b7cda1da6fa5fe2f09f62bf15ffc1404bbdeb3e50db8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 01:31:08 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
DWS
age
34180
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
strict-transport-security
max-age=15552000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
16664
expires
Sun, 09 May 2021 05:17:48 GMT
/
track.adform.net/adfserve/ Frame 6CB9 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=36862089;rtbwp=MTRhkF1PPcQ1;rtbdata=-73GEBLHlnVdCehKKruYekNCMXzhzNVqO_f71yBJSJgYXKhYOLtsaIp-BrszzkeaKEIa0vzkSqKOxU9WWFinwML6Cb7gV_qqpP-0GKyfsUAEl2bPuYbvCg8V89Nj13ZtlM-qvnsIwQ7DeIjrSAcYFw2;csid=85505;pui=q40_VW_NVZaLGnSjla2oOQk5zV0hzpRCDx1K8ZNxr0on6KVc5T7UIlYpKObaBerlDM52Dr38TbM0kQTZRoEQhj-m8yvlizCCA7z_uuw_WOM1;adxvars=EnuD05QSDpiu7n-9lBY4jCmV8zAdCXPtxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrlJDhi0Lcj87WFftp9anb_SLx3d_NpjMpSm8LE9L9O6i9vPntZY8cOjfGHYhGEBzsXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OwHGz6B6dJ1w2;adxcmd=QTwuOIuaMWyJAahooV75YaLobcS8zXmK0;;js=1;adfxid=1x;9603;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Frus.delfi.ee%2F
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f9a5544263db8d83c939a55c05c3ed6dbf75f37c0b587eb411285b5a3e865467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
4369
expires
-1
/
track.adform.net/adfserve/ Frame B0B5 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=36867540;rtbwp=MTRhkF1PPcQ1;rtbdata=pyLrtPJtGIJPadxcf7dMlvJZ5XicarqoweG9a8GiNoO5HpINcc_uUYp-BrszzkeaRAPsj0nyapmOxU9WWFinwML6Cb7gV_qqpP-0GKyfsUAEl2bPuYbvCg8V89Nj13ZtlM-qvnsIwQ7DeIjrSAcYFw2;csid=82897;pui=q40_VW_NVZaLGnSjla2oOQk5zV0hzpRCDx1K8ZNxr0on6KVc5T7UIlYpKObaBerlDM52Dr38TbM0kQTZRoEQhj-m8yvlizCCA7z_uuw_WOM1;adxvars=EnuD05QSDpgPDAynFSSJ3CmV8zAdCXPtxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrujxciOAuJYtEY1E-DIXNNJjG9J2fw5nANPOZ-KNB9-2VGKAr-MaNlsRzMQZFNLc-nFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OwHGz6B6dJ1w2;adxcmd=QTwuOIuaMWyJAahooV75YaLobcS8zXmK0;;js=1;adfxid=2x;6785;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Frus.delfi.ee%2F
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e015dff705963824c8a02ede663ad5f934d18f38bf71967c7dc5344022db5f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
4351
expires
-1
/
track.adform.net/adfserve/ Frame CF66 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=45642394;rtbwp=oYeDAySWWiI1;rtbdata=ZDjHwIaYSBFaejxQuQEe0QEfGVffnz8_3kT63gyFyr1N4W3sxBQ98op-Brszzkea6sYh8PKVwwWOxU9WWFinwML6Cb7gV_qqpP-0GKyfsUAEl2bPuYbvCg8V89Nj13ZtlM-qvnsIwQ7DeIjrSAcYFw2;csid=87883;pui=q40_VW_NVZaLGnSjla2oOQk5zV0hzpRCDx1K8ZNxr0on6KVc5T7UIlYpKObaBerlDM52Dr38TbM0kQTZRoEQhj-m8yvlizCCA7z_uuw_WOM1;adxvars=EnuD05QSDpjy1F7SNpPYWfs9APOQ3NaGxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrqwIk5e04NStgT3v5svbYOW6ju9TOUYjNtzMdZ1buOT-C4j6hPy6qDhlJ0QIrUe_VXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OzqaJiGF9SP01UJNdESrjx0;adxcmd=lDbNZc6D8ECJAahooV75YaLobcS8zXmK0;;js=1;adfxid=3x;5280;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Frus.delfi.ee%2F
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
12fe6bc4ffa4e8f06b8397d44681b6146284fdd294e6efdabd5ce2ce6b6b7aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
4983
expires
-1
tmp-keytarget.min.js
keytarget.adnet.lt/stable/ Frame C2B7 		405 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
11b7669a7273651431f1e53e012d945b4c251bc208e39edcaaf35f6eed0d8262

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 08:00:32 GMT
server
nginx
age
2819
etag
"6090ff20-65577"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
150358
expires
Sun, 09 May 2021 11:00:49 GMT
Spinner200px.gif
banners.adnetmedia.lt/creatives/ Frame C2B7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adnetmedia.lt/creatives/Spinner200px.gif
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.15 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-15.cust.interdata.lt
Software
nginx /
Resource Hash
f1bb4f4e526c417896deb5521d188bd77fc982b0ed258cfbfa91dccc681548e0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Thu, 18 Oct 2018 13:16:39 GMT
server
nginx
age
2048
etag
"5bc887b7-2d9d"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
11677
/
track.adform.net/csimpr/ Frame 6CB9 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=36862089&csi=xoqlxnR8WXECQuuXmHJe_SmiyZET4rhpqJaKrCvDimcCSGHUPR3ExK_xsUMRANKFm55Sbh4nvwbO1kVaYFwhV55IH9_pwygcYfVO8LiOtmAK7_TNjXuuQ4M2MFwoq1whTf9iqEMLWc8au94oJsHc8Q2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/jsmetrics/ Frame 6CB9 		43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/jsmetrics/?adfserve=47&asset=56&sid=250&rid=34979&cid=227139
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Wed, 11 Oct 2017 13:40:08 GMT
server
nginx
etag
"59de1f38-2b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
43
tmp-keytarget.min.js
keytarget.adnet.lt/stable/ Frame 8F69 		405 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
11b7669a7273651431f1e53e012d945b4c251bc208e39edcaaf35f6eed0d8262

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 08:00:32 GMT
server
nginx
age
2819
etag
"6090ff20-65577"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
150358
expires
Sun, 09 May 2021 11:00:49 GMT
Spinner200px.gif
banners.adnetmedia.lt/creatives/ Frame 8F69 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adnetmedia.lt/creatives/Spinner200px.gif
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.15 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-15.cust.interdata.lt
Software
nginx /
Resource Hash
f1bb4f4e526c417896deb5521d188bd77fc982b0ed258cfbfa91dccc681548e0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Thu, 18 Oct 2018 13:16:39 GMT
server
nginx
age
2048
etag
"5bc887b7-2d9d"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
11677
/
track.adform.net/csimpr/ Frame B0B5 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=36867540&csi=VYg-A_zMyOyeB9QERwk6MLFoCGTMXH6VqJaKrCvDimcCSGHUPR3ExK_xsUMRANKFm55Sbh4nvwbO1kVaYFwhV55IH9_pwygcYfVO8LiOtmAK7_TNjXuuQ6TrRJEcDDQXTf9iqEMLWc8au94oJsHc8Q2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/adfserve/ Frame CF66 		35 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?bn=45600798;1x1inv=1;srctype=3;ord=[timestamp]&rnd=37756
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
ThirdParty
af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:types/ Frame 6CB9 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
DWS
age
0
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
strict-transport-security
max-age=15552000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Sun, 09 May 2021 14:44:43 GMT
ThirdParty
af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:types/ Frame B0B5 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
DWS
age
0
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
strict-transport-security
max-age=15552000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Sun, 09 May 2021 14:44:43 GMT
Standard
af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame CF66 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
fb0a6924423ccf7d116f277f94c55ac3ac6328833a8b821e8d4e0fad48e116bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:56:08 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
DWS
age
280
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
strict-transport-security
max-age=15552000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
39774
expires
Sun, 09 May 2021 14:22:27 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1884980121754918&ev=Microdata&dl=https%3A%2F%2Frus.delfi.ee%2F&rl=&if=false&ts=1620471649106&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Delfi%20RUS%22%2C%22meta%3Adescription%22%3A%22Delfi%20RUS%22%2C%22meta%3Akeywords%22%3A%22Delfi%20RUS%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frus.delfi.ee%22%2C%22og%3Asite_name%22%3A%22Delfi%20RUS%22%2C%22og%3Atitle%22%3A%22Delfi%20RUS%22%2C%22og%3Adescription%22%3A%22Delfi%20RUS%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fh.delfi.ee%2Fg%2Fog%2Fdelfi_1200x628.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22628%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Frus.delfi.ee%22%2C%22author%22%3A%7B%22%40type%22%3A%22Person%22%2C%22name%22%3A%22Delfi%20RUS%22%7D%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Delfi%22%7D%2C%22description%22%3A%22Delfi%20RUS%22%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620471648600.1907176129&it=1620471648537&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 08 May 2021 11:00:49 GMT
/
track.adform.net/csimpr/ Frame CF66 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=45642394&csi=nzEewDe6I5vxd-zDrypAfzE1xJSckJY0A-jORSc0rP0CSGHUPR3ExK_xsUMRANKFm55Sbh4nvwbO1kVaYFwhV55IH9_pwygcYfVO8LiOtmAK7_TNjXuuQ6JRBWMp35duTf9iqEMLWc8au94oJsHc8Q2
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
close2016.png
g1.nh.ee/b/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g1.nh.ee/b/close2016.png
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.192 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy1.delfi.ee
Software
DWS /
Resource Hash
43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:35:57 GMT
last-modified
Mon, 05 Sep 2016 13:54:18 GMT
server
DWS
age
1491
etag
"627630167"
strict-transport-security
max-age=15552000
content-type
image/png
cache-control
max-age=3024000
accept-ranges
bytes
content-length
1684
expires
Tue, 04 May 2021 09:37:19 GMT
9584833.js
af1.nh.ee/Banners/Elements/Files/151234/9584833/main/ Frame D3F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/Banners/Elements/Files/151234/9584833/main/9584833.js?ADFassetID=9584833&bv=771
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
0846bbba2be93e676a32eeca7d7e199b0fc5575dbe53a5c91c6a8ed646fd453c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 06:23:56 GMT
content-encoding
gzip
vary
Accept-Encoding
age
16612
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
content-length
1105
last-modified
Mon, 26 Apr 2021 06:33:21 GMT
server
DWS
etag
W/"60865eb1-bcc"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
Adform.DHTML.js
af1.nh.ee/banners/scripts/rmb/ Frame D3F6 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://af1.nh.ee/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/load/v/0.0.206/e/.gSBgiLA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 01:31:41 GMT
content-encoding
gzip
vary
Accept-Encoding
age
34147
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
content-length
13293
last-modified
Mon, 12 Oct 2020 12:11:56 GMT
server
DWS
etag
W/"5f84480c-78ab"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
x-robots-tag
noindex, nofollow
9591492.jpg
af1.nh.ee/Banners/Elements/Files/151234/ Frame D3F6 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://af1.nh.ee/Banners/Elements/Files/151234/9591492.jpg
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.20.100.195 Tallinn, Estonia, ASN199328 (EKSPRESS-DIGITAL, EE),
Reverse DNS
proxy4.delfi.ee
Software
DWS /
Resource Hash
8e26a0d9dc59223dbbb31170eb115988601256e7832fc6f3f78b06cf51837d5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:32 GMT
x-robots-tag
noindex, nofollow
last-modified
Tue, 27 Apr 2021 08:08:29 GMT
server
DWS
age
17
etag
"6087c67d-38244"
x-cache-status
HIT
strict-transport-security
max-age=15552000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
229956
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8F69 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 04:56:33 GMT
content-encoding
gzip
server
Server
age
21855
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
qryKYWMl8H0l-4Xc9ZsAADgFPu5M-2VBszIoo7QZ8fuV3PjlbP2TvQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8F69 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
afb2a26519d5752d8ebfc1885945e49bae1a31f24ed4225831e20f13e7ceae63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"865 / 287 of 1000 / last-modified: 1620425395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21171
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:49 GMT
64c67246-85ed-4d76-9efe-3fdb5d2d7424
boot.pbstck.com/v1/tag/ Frame 8F69 		1 KB
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/64c67246-85ed-4d76-9efe-3fdb5d2d7424
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b11dac150a996722bd1f33996712764ad3d194beeb306800afa57c96fe1ff634

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
64c22fc098713240-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2c5c00003240b7a3a000000001
delfi_ee_bidder_config.js
keytarget.adnet.lt/stable/configs/ Frame 8F69 		66 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/configs/delfi_ee_bidder_config.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
7bee3605425960018863494f9e34fd879a782a065309299c0e50d401d60949b6

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:27:13 GMT
server
nginx
age
2630
etag
"60952411-10745"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
6799
expires
Sun, 09 May 2021 11:00:49 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame C2B7 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 04:56:33 GMT
content-encoding
gzip
server
Server
age
21855
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id
La2wqmlvWnSTLhU1W2nYGZXSgR7tgyguwhJhNxPCay-SGg0FmHoDmw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C2B7 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
fe14691eaf6f312aa9cba15deec03bd65359619b792917651460c4d089fe2645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"865 / 680 of 1000 / last-modified: 1620425395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21192
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:49 GMT
64c67246-85ed-4d76-9efe-3fdb5d2d7424
boot.pbstck.com/v1/tag/ Frame C2B7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/64c67246-85ed-4d76-9efe-3fdb5d2d7424
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49469a0d31e730f5a8fb390d46ee22abcbf596f70d834c3a0951677b1900c94

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
64c22fc098743240-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2c5c00003240aca2e000000001
delfi_ee_bidder_config.js
keytarget.adnet.lt/stable/configs/ Frame C2B7 		66 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/configs/delfi_ee_bidder_config.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
7bee3605425960018863494f9e34fd879a782a065309299c0e50d401d60949b6

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 11:27:13 GMT
server
nginx
age
2630
etag
"60952411-10745"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
6799
expires
Sun, 09 May 2021 11:00:49 GMT
monitoring-870589c.js
cdn.pbstck.com/ Frame C2B7 		166 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/monitoring-870589c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/64c67246-85ed-4d76-9efe-3fdb5d2d7424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976aa9316a414279bdc0ef0c2451df1991ae7b04ec0b356e2ca11450244c3031

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
br
cf-cache-status
HIT
age
154776
x-guploader-uploadid
ABg5-UzBBFQ_P2a5DDllDYZ7tIAZqUiP_0PcXVHLKOaY3se11e1v5xXehfoSXML42-TnvoQzY0x5pAqZlpJCNfQpTwU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2ca300004e3e5e9eb000000001
last-modified
Thu, 06 May 2021 15:59:29 GMT
server
cloudflare
etag
W/"dfa5c79df42df8bfdcd539455537d4ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=4U9A7Q==, md5=36XHnfQt+L/c1TlFVTfUyg==
x-goog-generation
1620316769408959
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
46466
cf-ray
64c22fc109fd4e3e-FRA
expires
Thu, 13 May 2021 15:59:32 GMT
monitoring-870589c.js
cdn.pbstck.com/ Frame 8F69 		166 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/monitoring-870589c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/64c67246-85ed-4d76-9efe-3fdb5d2d7424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976aa9316a414279bdc0ef0c2451df1991ae7b04ec0b356e2ca11450244c3031

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
br
cf-cache-status
HIT
age
154776
x-guploader-uploadid
ABg5-UzBBFQ_P2a5DDllDYZ7tIAZqUiP_0PcXVHLKOaY3se11e1v5xXehfoSXML42-TnvoQzY0x5pAqZlpJCNfQpTwU
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2ca400004e3e4b2f4000000001
last-modified
Thu, 06 May 2021 15:59:29 GMT
server
cloudflare
etag
W/"dfa5c79df42df8bfdcd539455537d4ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=4U9A7Q==, md5=36XHnfQt+L/c1TlFVTfUyg==
x-goog-generation
1620316769408959
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
46466
cf-ray
64c22fc10a054e3e-FRA
expires
Thu, 13 May 2021 15:59:32 GMT
pubads_impl_2021050401.js
securepubads.g.doubleclick.net/gpt/ Frame 8F69 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
885db6712dc3711368dfe2d8b0abb497107dc672d77847d9b2585268210f26c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 08:39:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109333
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:49 GMT
cookie_sync
prebid.adnxs.com/pbs/v1/ Frame 8F69 		423 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
0882559c8e30e34a358174e3fedc34de09873cc8d60260476a017eec4d8844ea

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ Frame 8F69 		171 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
641b1618ebe754113b1e8eb71df2a970e5d09492c33c59059e7e7caf0806da1a

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
Expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8F69 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rus.delfi.ee
date
Sat, 08 May 2021 11:00:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 8F69 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid
3c94ddde-38c2-49e4-a668-d4dc1ec9409b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adnet-d.openx.net/w/1.0/ Frame 8F69 		172 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Frus.delfi.ee%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=dc6a5d46-4078-4f32-b362-835af42d2879&nocache=1620471649524&gdpr=1&pubcid=73d95478-2573-42ae-89db-12b69c3df80d&schain=1.0%2C1!adnetmedia.lt%2C168%2C1%2C%2C%2C&aus=300x600%2C300x250&divIds=dee_ru_300x600_05_tower_foreign&auid=541044794
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
5f7327b95bf371a4c3ef1740040621b45e118222ef098158feaf36f52d92410c

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://rus.delfi.ee
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 8F69 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bid
ap.lijit.com/rtb/ Frame 8F69 		24 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
cf1a1e48ae6e0ef617e50cfd98f7351c8620b48743ff38e029aab93692dfa610

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 08 May 2021 11:00:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://rus.delfi.ee
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8F69 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16854&site_id=153086&zone_id=1673628&size_id=15&alt_size_ids=10&gdpr=1&rp_schain=1.0,1!adnetmedia.lt,168,1,,,&rf=https%3A%2F%2Frus.delfi.ee%2F&tk_flint=pbjs_lite_v3.27.0&x_source.tid=dc6a5d46-4078-4f32-b362-835af42d2879&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.15381198792610062
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
35addb8316c70dbef18d37bbd1c25325a72277e2dfc9d7adcac3bad4866b5b0c

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 8F69 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=3759116775
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rus.delfi.ee
date
Sat, 08 May 2021 11:00:49 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 8F69 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid
d75e8979-4376-4bda-9ff0-5999a3151f27
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ Frame 8F69 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://rus.delfi.ee
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 08 May 2021 11:00:49 GMT
/
adx.adform.net/adx/ Frame 8F69 		5 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwNzAxOSZwcmljZVR5cGU9bmV0JnRyYW5zYWN0aW9uSWQ9ZGM2YTVkNDYtNDA3OC00ZjMyLWIzNjItODM1YWY0MmQyODc5JnJjdXI9RVVS&pt=net&stid=0912a0db-af44-4f83-8110-52293001686c&gdpr=1&gdpr_consent=undefined&fd=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
adjson
ads.betweendigital.com/ Frame 8F69
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=6791134491320296&tz=-120&fl=0&rr=direct&s=3734232&bidid=288c7058e09d8ba&transactionid=dc6a5d46-4078-4f32-b362-835af42d2879...
  • https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=6791134491320296&tz=-120&fl=0&rr=direct&s=3734232&bidid=288c7058e09d8ba&transactionid=dc6a5d46-4078-4f32-b362-835af42d2879...
2 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=300x600%252C300x250&jst=hb&ord=6791134491320296&tz=-120&fl=0&rr=direct&s=3734232&bidid=288c7058e09d8ba&transactionid=dc6a5d46-4078-4f32-b362-835af42d2879&auctionid=0912a0db-af44-4f83-8110-52293001686c&cur=EUR&gdprApplies=true&crf=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=300x600%252C300x250&jst=hb&ord=6791134491320296&tz=-120&fl=0&rr=direct&s=3734232&bidid=288c7058e09d8ba&transactionid=dc6a5d46-4078-4f32-b362-835af42d2879&auctionid=0912a0db-af44-4f83-8110-52293001686c&cur=EUR&gdprApplies=true&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://rus.delfi.ee
content-length
0
auction
rtb.adxpremium.services/openrtb2/ Frame 8F69 		324 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e646f2027ff585c10441c4e8b16177c2359fd50fb8eb5f34bfc4e4149f10a2f

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2d2200004dd6bd3b9000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bTZfFU%2F356jCnwtewu5tEdCIGCwT%2BFNBeHBrlw4I%2FY%2F4oFzWpDwUArtYjkbr4T5b2Tn62ObDdFqvbe4e20DQNqUS%2FNQIxNDxBnZsiLo0t7ghmjMxLQzf5bFnhT1uB%2FxJYcmbuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
64c22fc1dc674dd6-FRA
expires
0
pubads_impl_2021050501.js
securepubads.g.doubleclick.net/gpt/ Frame C2B7 		303 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
9cd58fce5ff7afd625c8e887719242e31afdc0bbfd418eb34d1eb8c9789b84a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109323
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:49 GMT
cookie_sync
prebid.adnxs.com/pbs/v1/ Frame C2B7 		423 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
0882559c8e30e34a358174e3fedc34de09873cc8d60260476a017eec4d8844ea

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ Frame C2B7 		171 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
ba1823eb5f5edb536904e509a4b974537eddd1d66ebdd40d55fda680cf93d72d

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Server
nginx/1.19.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame C2B7 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
18ec6239-6813-4799-a538-b88866dc657b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame C2B7 		24 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
7af09777506403f29debc9e48dbfaaedef754d387d8837284d53c8a3d647d9b2

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 08 May 2021 11:00:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://rus.delfi.ee
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bid-request
a.teads.tv/hb/ Frame C2B7 		16 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://rus.delfi.ee
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 08 May 2021 11:00:49 GMT
auction
rtb.adxpremium.services/openrtb2/ Frame C2B7 		324 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85cd8c72573a254d54a42dc1b89024d309ec82beb4b0bb7a230ee4213cb7aa1

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2d2800004dd6158f3000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hg3BEqYq5IJ5uF2MACxBFxEW1yFa0%2BKruxGMQB3St96Ia%2BK38o9i%2FdArCK78JDV0p9M%2Bz00L68pVL%2BCMDD%2BuFWnWDbblCOU6mZYHj9z9ADF4NxIh9WExs8swPPqgV7GC8BHUig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
64c22fc1dc7e4dd6-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C2B7 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16854&site_id=153086&zone_id=1673632&size_id=55&alt_size_ids=57&gdpr=1&rp_schain=1.0,1!adnetmedia.lt,168,1,,,&rf=https%3A%2F%2Frus.delfi.ee%2F&tk_flint=pbjs_lite_v3.27.0&x_source.tid=9b05f032-895c-4455-9676-ad3f121e4449&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4124342579931015
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3580bfbd4824fbfa481d683b9bd23ff151bfe4644c804a80aafb1d418d618ae1

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame C2B7 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=702533322
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rus.delfi.ee
date
Sat, 08 May 2021 11:00:49 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C2B7 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rus.delfi.ee
date
Sat, 08 May 2021 11:00:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame C2B7 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:48 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame C2B7 		19 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid
8757eea4-a712-48e9-bad2-a5c7055a611d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://rus.delfi.ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adnet-d.openx.net/w/1.0/ Frame C2B7 		172 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Frus.delfi.ee%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=9b05f032-895c-4455-9676-ad3f121e4449&nocache=1620471649581&gdpr=1&pubcid=73d95478-2573-42ae-89db-12b69c3df80d&schain=1.0%2C1!adnetmedia.lt%2C168%2C1%2C%2C%2C&aus=970x250%2C995x300%2C970x90&divIds=dee_ru_995x300_05_content_foreign&auid=541044808
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
654eecdc2f2a07a0501b0348571ef893742f635228d47a023fd62282d7efd1b0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://rus.delfi.ee
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame C2B7 		5 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwNzAyMSZwcmljZVR5cGU9bmV0JnRyYW5zYWN0aW9uSWQ9OWIwNWYwMzItODk1Yy00NDU1LTk2NzYtYWQzZjEyMWU0NDQ5JnJjdXI9RVVS&pt=net&stid=77430f16-5535-47b8-8da6-4e92b94e8afc&gdpr=1&gdpr_consent=undefined&fd=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
adjson
ads.betweendigital.com/ Frame C2B7
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=970x250%252C995x300%252C970x90&jst=hb&ord=5650663342989399&tz=-120&fl=0&rr=direct&s=3734231&bidid=309510e36e0a8e9&transactionid=9b05f032-895c-4455-9676-a...
  • https://ads.betweendigital.com/adjson?sizes=970x250%252C995x300%252C970x90&jst=hb&ord=5650663342989399&tz=-120&fl=0&rr=direct&s=3734231&bidid=309510e36e0a8e9&transactionid=9b05f032-895c-4455-9676-a...
2 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=970x250%252C995x300%252C970x90&jst=hb&ord=5650663342989399&tz=-120&fl=0&rr=direct&s=3734231&bidid=309510e36e0a8e9&transactionid=9b05f032-895c-4455-9676-ad3f121e4449&auctionid=77430f16-5535-47b8-8da6-4e92b94e8afc&cur=EUR&gdprApplies=true&crf=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json

Redirect headers

location
/adjson?sizes=970x250%252C995x300%252C970x90&jst=hb&ord=5650663342989399&tz=-120&fl=0&rr=direct&s=3734231&bidid=309510e36e0a8e9&transactionid=9b05f032-895c-4455-9676-ad3f121e4449&auctionid=77430f16-5535-47b8-8da6-4e92b94e8afc&cur=EUR&gdprApplies=true&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://rus.delfi.ee
content-length
0
bid
c.amazon-adsystem.com/e/dtb/ Frame 8F69 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frus.delfi.ee%2F&pid=Wi4wtZZU7m6gr&cb=0&ws=300x600&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F99287527%2Fdelfi_ee%2Fros_ru%2Fdee_ru_300x600_05_tower_foreign%22%7D%5D&cfgv=0&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://rus.delfi.ee
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Ju3cQv5xPU4KX16C0lEn20eN8sYr-ejL6-9JMAz1juqhrrkBfyy_1Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8F69 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
57643
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Fri, 07 May 2021 19:00:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
Pc2sCfIxG3n7dPMveoVnV92t4BMB29qzNNTTM-Rc9KgtVrBz9bqgeQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame C2B7 		23 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frus.delfi.ee%2F&pid=2oimu1sKDnaGY&cb=0&ws=995x300&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22995x300%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F99287527%2Fdelfi_ee%2Fros_ru%2Fdee_ru_995x300_05_content_foreign%22%7D%5D&cfgv=0&pubid=083e9dd7-27dd-4e36-908f-28796c83c8ad&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:49 GMT
via
1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://rus.delfi.ee
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ra5lxNgkAkZ6tu4PjyQ2s4yLJCeyYUB6NYastGP_aDYhot6TClgI8g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C2B7 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
57643
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Fri, 07 May 2021 19:00:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
XXUhfc5a3tyFxL65iUgDAk8ngkVqFW_OAWndN7sCOzzR_w2lz8KsrQ==
sync.php
pixel.rubiconproject.com/exchange/ Frame 8F69 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame C2B7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
integrator.js
adservice.google.fr/adsid/ Frame 8F69 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=rus.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8F69 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rus.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8F69 		102 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2500642485514889&correlator=2757593677457772&output=ldjh&impl=fifs&eid=31060741%2C31060985%2C31060398%2C44740386&vrg=2021050401&ptt=17&sc=1&sfv=1-0-38&ecs=20210508&iu_parts=99287527%2Cdelfi_ee%2Cros_ru%2Cdee_ru_300x600_05_tower_foreign&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C3x1%7C300x600%7C300x250&fluid=height&prev_scp=amznbid%3D1%26amznp%3D1&cust_params=adblocker%3Dfalse%26siteUrl%3Drus.delfi.ee%252F%26domain%3Drus.delfi.ee%26url_keywords%3Drus%252Cdelfi%252Cee%252C&cookie_enabled=1&cdm=rus.delfi.ee&bc=31&abxe=1&lmt=1620471649&dt=1620471649710&dlt=1620471648916&idt=749&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1100&adys=2547&adks=925635743&ucis=5rbw5t3pi59a&ifi=1&ifk=2784243509&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Frus.delfi.ee%2F&top=https%3A%2F%2Frus.delfi.ee%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1024484637.1620471648&ga_sid=1620471650&ga_hid=1529473666&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
4e2f906a1eb08017aa5a7d5e7a9cf90496cd2335aa8e66d50e47048231d58f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23472
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F69 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F69 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.fr/adsid/ Frame C2B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=rus.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C2B7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rus.delfi.ee
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 08 May 2021 11:00:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C2B7 		80 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2764177247216166&correlator=2842422130587226&output=ldjh&impl=fifs&eid=31061027&vrg=2021050501&ptt=17&sc=1&sfv=1-0-38&ecs=20210508&iu_parts=99287527%2Cdelfi_ee%2Cros_ru%2Cdee_ru_995x300_05_content_foreign&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C3x1%7C970x250%7C995x300%7C970x90&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=adblocker%3Dfalse%26siteUrl%3Drus.delfi.ee%252F%26domain%3Drus.delfi.ee%26url_keywords%3Drus%252Cdelfi%252Cee%252C&cookie_enabled=1&cdm=rus.delfi.ee&bc=31&abxe=1&lmt=1620471649&dt=1620471649767&dlt=1620471648910&idt=767&ea=0&frm=23&biw=1600&bih=1200&isw=995&ish=300&oid=3&adxs=315&adys=1385&adks=4060349594&ucis=v0avr8te42z5&ifi=1&ifk=2313406702&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Frus.delfi.ee%2F&top=https%3A%2F%2Frus.delfi.ee%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=995x300&msz=995x-1&ga_vid=1024484637.1620471648&ga_sid=1620471650&ga_hid=1836596861&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
2a3b7fa53ba2b9d603a19fd493b1783c4e2885da3d029d3a7f27b9004fe3c978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22005
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2B7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame C2B7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
prebid.adnxs.com/pbs/v1/ Frame 8F69
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:50 GMT
Server
nginx/1.19.0
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:50 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid
dc245188-d7e9-48a2-bfe7-4c35d1fc8977
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid.adnxs.com/pbs/v1/ Frame C2B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
0
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:50 GMT
Server
nginx/1.19.0
Vary
Origin
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:50 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.244:80
AN-X-Request-Uuid
31688f3a-edda-46e4-8d92-35a2a5b27c8b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8721297867726870223
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
intake.pbstck.com/v1/intake/ Frame 8F69 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=2651e742&tId=64c67246-85ed-4d76-9efe-3fdb5d2d7424&c=1&ctr=DE
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cf-ray
64c22fc6191a4e3e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c2fd300004e3efa846000000001
container.html
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5DF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 08 May 2021 11:00:49 GMT
expires
Sun, 08 May 2022 11:00:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jquery.min.js
keytarget.adnet.lt/stable/jquery/3.4.1/ Frame C2B7 		274 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/jquery/3.4.1/jquery.min.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
last-modified
Fri, 29 Nov 2019 12:46:15 GMT
server
nginx
age
542
etag
"5de11317-4472c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
101393
expires
Sun, 09 May 2021 11:00:50 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame C2B7 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386783045400"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C2B7 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aeee44ef9a56da8e8ed2f7e509f85427a6f284eafdc10aac94ce0897366b3e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
container.html
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1DBF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sat, 08 May 2021 11:00:49 GMT
expires
Sun, 08 May 2022 11:00:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jquery.min.js
keytarget.adnet.lt/stable/jquery/3.4.1/ Frame 8F69 		274 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://keytarget.adnet.lt/stable/jquery/3.4.1/jquery.min.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-varnish-cache
HIT
date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
last-modified
Fri, 29 Nov 2019 12:46:15 GMT
server
nginx
age
542
etag
"5de11317-4472c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
101393
expires
Sun, 09 May 2021 11:00:50 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8F69 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386783045400"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F69 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021050401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d53daf4245b6eafe2611089f59f1927ac0e109f3400286953100e8c621ffb8e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7747
x-xss-protection
0
auction
intake.pbstck.com/v1/intake/ Frame C2B7 		0
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=2651e742&tId=64c67246-85ed-4d76-9efe-3fdb5d2d7424&c=1&ctr=DE
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cf-ray
64c22fc6aeb74ea4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c302b00004ea420332000000001
82c44077a7667644c724f9fdaa0fb536.js
www.gstatic.com/mysidia/ Frame D5DF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/82c44077a7667644c724f9fdaa0fb536.js?tag=client_fast_engine_2019
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5b5f10e2f329f107d7a48b4d4dd02da5da66b94efc9a8eea906ded9eeec13cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 10:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
520141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2703
x-xss-protection
0
expires
Sat, 31 Jul 2021 10:31:49 GMT
0bed216128d8b176c59ca7c63aa90a3a.js
www.gstatic.com/mysidia/ Frame D5DF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0bed216128d8b176c59ca7c63aa90a3a.js?tag=gpa/maximal_v1_och_tag
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6fffe87a773eda3ebd5d71066c42e4f841e798008afc527a68f26edc4820684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 10:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
520140
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2575
x-xss-protection
0
expires
Sat, 31 Jul 2021 10:31:50 GMT
f27a2327937451811f326a3c5359709a.js
www.gstatic.com/mysidia/ Frame D5DF 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f27a2327937451811f326a3c5359709a.js?tag=pingback
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8efa0b5f70f2f4dd60cbff9f4d37628167042eea2566db828edaf9ac558e95d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 10:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
520141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3953
x-xss-protection
0
expires
Sat, 31 Jul 2021 10:31:49 GMT
css
fonts.googleapis.com/ Frame D5DF 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 May 2021 10:06:37 GMT
server
ESF
date
Sat, 08 May 2021 11:00:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 May 2021 11:00:50 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame D5DF 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:57:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame D5DF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:56:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame D5DF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:57:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5DF 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame D5DF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:57:26 GMT
l
www.google.com/ads/measurement/ Frame D5DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoW-wevwjspVzJB4RFu93V9z6pwLQy4c1t60tVo6eTNY-lpM9AETl22fM6cqHy3KbhQz20JxLA5LJUYtNogiohc0qtAw
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8ae5a72cfbd99e43f69fdf9d7c4a3504.js
www.gstatic.com/mysidia/ Frame D5DF 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 09:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
92355
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10537
x-xss-protection
0
expires
Thu, 05 Aug 2021 09:21:35 GMT
82c44077a7667644c724f9fdaa0fb536.js
www.gstatic.com/mysidia/ Frame 1DBF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/82c44077a7667644c724f9fdaa0fb536.js?tag=client_fast_engine_2019
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5b5f10e2f329f107d7a48b4d4dd02da5da66b94efc9a8eea906ded9eeec13cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 10:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
520141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2703
x-xss-protection
0
expires
Sat, 31 Jul 2021 10:31:49 GMT
0bed216128d8b176c59ca7c63aa90a3a.js
www.gstatic.com/mysidia/ Frame 1DBF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0bed216128d8b176c59ca7c63aa90a3a.js?tag=gpa/maximal_v1_och_tag
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6fffe87a773eda3ebd5d71066c42e4f841e798008afc527a68f26edc4820684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 10:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
520140
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2575
x-xss-protection
0
expires
Sat, 31 Jul 2021 10:31:50 GMT
f27a2327937451811f326a3c5359709a.js
www.gstatic.com/mysidia/ Frame 1DBF 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f27a2327937451811f326a3c5359709a.js?tag=pingback
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8efa0b5f70f2f4dd60cbff9f4d37628167042eea2566db828edaf9ac558e95d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 10:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
520141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3953
x-xss-protection
0
expires
Sat, 31 Jul 2021 10:31:49 GMT
css
fonts.googleapis.com/ Frame 1DBF 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 May 2021 10:07:43 GMT
server
ESF
date
Sat, 08 May 2021 11:00:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 May 2021 11:00:50 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 1DBF 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:57:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 1DBF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7043
x-xss-protection
0
server
cafe
etag
3975852021068510888
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:56:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 1DBF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:57:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DBF 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620386788828326"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 1DBF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 10:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 May 2021 10:57:26 GMT
8ae5a72cfbd99e43f69fdf9d7c4a3504.js
www.gstatic.com/mysidia/ Frame 1DBF 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 09:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 22:51:13 GMT
server
sffe
age
92355
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10537
x-xss-protection
0
expires
Thu, 05 Aug 2021 09:21:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C2B7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F69 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 08 May 2021 11:00:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0FBA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 08 May 2021 10:58:05 GMT
expires
Sun, 08 May 2022 10:58:05 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1DBF 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn0.gstatic.com/ Frame 1DBF 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRr5FhqAUVDSqS907jb6Vnk3vJNpGKhtUcYl30SNk5RnMCvOw3Ii-6g5cIv1A&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e26649b97dd3627c505e358aaaa2bcd8cbf0fbaac3bf08ab77e50f946fba538c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 17:20:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Jul 2020 09:09:46 GMT
server
sffe
age
409237
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14275
x-xss-protection
0
expires
Tue, 03 May 2022 17:20:13 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DBF 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQCG_3vMFc0kQTNcr1aJ_tp-pY_0sVACQdyTPLlx3cayKECI2SJqldGAoIxqnU&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e95a6da889b2adeba3b0b52ab9af956d2275b7e83229454f9226f4494e69048b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 14:19:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Oct 2020 11:13:26 GMT
server
sffe
age
74468
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21848
x-xss-protection
0
expires
Sat, 07 May 2022 14:19:42 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DBF 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQFiB2bRxo8HahCw3rzpcb1z-_OP-grZa3x3DTnCuIm44YhxBqLxCYQNwWKiiA&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ffa321405ed0e5ee8e110ff94912f3880290bd5cad0f8e210c16842c1f19b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 17:22:46 GMT
x-content-type-options
nosniff
last-modified
Sat, 04 Jul 2020 00:38:08 GMT
server
sffe
age
63484
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22062
x-xss-protection
0
expires
Sat, 07 May 2022 17:22:46 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 1DBF 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQTeaY6DCnQ_qIdYxJaFxw4J2oAnR6IYLEabvmcZCEGv-I4HTGWRHzo4san9w&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69d45d72395d7e5d89b4885e0eac760b094774adfa0428db369bb23dd0fa5eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 10:51:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jun 2020 12:48:00 GMT
server
sffe
age
346146
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26996
x-xss-protection
0
expires
Wed, 04 May 2022 10:51:44 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1DBF 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ38zuC8kqGRR1oOEB-XqxFIBPBNK7nk7vdnO1dVfo44lF5YMgyiF_Umdvkxw&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5669a2cb837103abea317f22a9ec0870cedcce49161236c301d2baea30bb95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 22:47:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 14:45:32 GMT
server
sffe
age
44014
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30318
x-xss-protection
0
expires
Sat, 07 May 2022 22:47:16 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1DBF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSu4CwHj_kiuEqFCxuTJ9VvvlNl92uP65Zip79AqVSPbi5MPzQ&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35b9e01dd9fe358c6c820adf535a9a4d22e4d7790a3bd48801e84cdc420b9b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 07:57:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Jul 2020 21:58:48 GMT
server
sffe
age
10973
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9120
x-xss-protection
0
expires
Sun, 08 May 2022 07:57:57 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1DBF 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS69aPbP4BnpJ-OjlK4hLqrS2eddcLfqP0czvkpG8Wp67yvSyvr6Yk0V5UKBQ&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5cb6ca70e8138c3a7ac779e392f9e1d400f7be6d64df272e032a226d461f06a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 06:36:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 12 Jul 2020 11:03:51 GMT
server
sffe
age
102255
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19247
x-xss-protection
0
expires
Sat, 07 May 2022 06:36:35 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1DBF 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTGOTakyaOUB9756naiDnpETgdQBEfy6x8J3fiUdC0NfYzFKMhxKgp3y-hvyA&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
569a1f80949c418a4117e80abd2d66ce8bb043446228c845d123eedd1f9ebf35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 12:32:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Jul 2020 09:01:19 GMT
server
sffe
age
80912
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19224
x-xss-protection
0
expires
Sat, 07 May 2022 12:32:18 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1DBF 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQYweNc83VSWL1zNJf1k52FE3IdzNtUKIDHfuM1-o8Bzdp8BAw&usqp=CAI
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
671a9bcaa95524cbb87e4003e60b9b1bacc6735008296ad7087a706b8103d016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 11:13:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Jul 2020 09:51:50 GMT
server
sffe
age
172049
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17084
x-xss-protection
0
expires
Fri, 06 May 2022 11:13:21 GMT
truncated
/ Frame D5DF 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
shopping
encrypted-tbn3.gstatic.com/ Frame D5DF 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS7LxAtNAUCGeKvi2LYocJUUDDYln7G1WG0MYmZCfz1-RV1-9B4-8htM5fSr4g&usqp=CAI
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fd7ab25927054bd18a1c32381939f0561bed1b3c111a3ca3eb58e70b8e3af24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 05:04:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 14:03:01 GMT
server
sffe
age
107769
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20614
x-xss-protection
0
expires
Sat, 07 May 2022 05:04:41 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame D5DF 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQqj1-FjsdVntG_aQECL8_LuSpL49TexnWAMtYjHFOJP7L80om71r1pY6L4gw&usqp=CAI
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47868e828c299095ade714da488c6fac08e51e970c34c4d7286d6225938fde6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 11:18:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 14:03:20 GMT
server
sffe
age
85327
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18736
x-xss-protection
0
expires
Sat, 07 May 2022 11:18:43 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame D5DF 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQscIfTuv6_Q9JlSKvJiuHWf4y6ofQkGY4CT70-lbOPMjBu-yxOPeiLhb4-Yw&usqp=CAI
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9763578aa7864886520b5cccfedf342e52a71d04a8302f7aa7180f116b70c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 10:31:21 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 Feb 2020 17:04:56 GMT
server
sffe
age
88169
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22023
x-xss-protection
0
expires
Sat, 07 May 2022 10:31:21 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame D5DF 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRVHW1kOEiW8q8b46dzfasUf5NKPbaDBd4hHTbXczFoVjFiPdPSzEHVj8JedJk&usqp=CAI
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6994d4736f96c2c4062cf546263abeba83c90086e77a5aa965fd726c78005bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 23:18:36 GMT
x-content-type-options
nosniff
last-modified
Sat, 22 Feb 2020 17:04:44 GMT
server
sffe
age
128534
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14809
x-xss-protection
0
expires
Fri, 06 May 2022 23:18:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5DF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChIIASoOYmFubmVyMy1zcXVhcmUKCggCKgZzZXJ2ZXIKKAgEKiRyZGFfYWd2X2luc193aXRoX2Jhbm5lcixub19jb3VudGRvd24KMxobbWF4aW1hbF90YWdfZXhwZXJpbWVudF9uYW1lKhJTYWxlQmFkZ2VBbmltYXRpb24wAQoRGgd0YWdfaWRzKgRiLmIuMAEKHRoRcHJvZHVjdF9ib3hfd2lkdGgqBjI0Ni4yNTABChsaEnByb2R1Y3RfYm94X2hlaWdodCoDMjA0MAESGkNKLVN1cWozdWZBQ0ZSSks0QW9kT2RVRXZRIhZncGEvbWF4aW1hbF92MV9vY2hfdGFnKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f27a2327937451811f326a3c5359709a.js?tag=pingback
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D5DF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuytfYW-WYN_dMpKUgQe5qpPoC76Gj9dhwfmC96YLkJ-Rrp4fEAEgv-mCJmD7gYCAiAqgAfCKptQDyAEJqQIIRrFXEWi0PuACAKgDAcgDmwSqBNABT9C232-nFn4tgrrQXdT4vjfOd1dt4Xd4DS30IqtqC6V3S548Dx-WKUVgPg0eUIz1jhorycBFJ70jKmlm3dOHlIVzEXMakjfXJBlX_V2vs28JpT0fwFY-beg9Knyf-XuEs3I0UewjbQMPzjiTjRim5rPG0ZfqFmcUzSemS_fDvHYeuys4iO9NrB7mYappl_uQydkjGJyoR0h57InxiXTYStTST5QdV5zh74VYS5RqEtcSRnePt6z9RAeBDDqZIMm8HzFMO-prZ83km-o4HGlRUcAEr8Lin-kC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_j02SuoB4qcsQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENCLE9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjczNzI1NjI2OTI1Njg4NoAKA8gLAdgTDtAVAZgWAYAXAbIXGgoYCAASFHB1Yi0zMTgyODU4MDg5OTkzMTk2&sigh=P1xlV0N1Buo&template_id=494
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6377 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 08 May 2021 03:14:09 GMT
expires
Sun, 09 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
28001
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DBF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgobCAQqF3JkYV9hZ3ZfaW5zX3dpdGhfYmFubmVyCjMaG21heGltYWxfdGFnX2V4cGVyaW1lbnRfbmFtZSoSU2FsZUJhZGdlQW5pbWF0aW9uMAEKFRoHdGFnX2lkcyoIYmJiYmJiYmIwAQoaGhFwcm9kdWN0X2JveF93aWR0aCoDMTQ3MAEKGxoScHJvZHVjdF9ib3hfaGVpZ2h0KgMxMzcwARIaQ09UaXRxajN1ZkFDRlZuWUVRZ2QtZXNHdHciFmdwYS9tYXhpbWFsX3YxX29jaF90YWcoDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f27a2327937451811f326a3c5359709a.js?tag=pingback
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1DBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmyfEYW-WYKSuL9mwx_AP-debuAvLkvTUYu37naHiC4yOgejhGxABIL_pgiZg-4GAgIgKoAHmlbzzA8gBCakCCEaxVxFotD7gAgCoAwHIA5sEqgTQAU_Q12euopmjfoE7AwXoIdZ3nFuZldCRv9f_qH4DkQG9nzuKYMvdpPlFK_9eajY1DDrmaE9VB05VSIgXUzefEyDz9fk1u8qi9iCj42uSq9PxKGt-KxtICuYcwvlUKh0eTWPkrQp_4OAvGrFiYpCDPZpDPwqEoNJ8q-ak6ElysfLDwniVsi3KgSa6349h2ZIwXqL_zQ4uoXBOV2P5nb_iB6QoS63kr3gqq4HxOshMuHJnDqAlJVfmfXdj-87TIaeOIChQylNJOfZkym3VdoNxvbXABIif04eFA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeC6sMMqAeKnLECqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCP5g7SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTY3MzcyNTYyNjkyNTY4ODaACgPICwHYEw7QFQGYFgGAFwGyFxoKGAgAEhRwdWItMzE4Mjg1ODA4OTk5MzE5Ng&sigh=4L3adKxoxN0&template_id=494
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 506A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 08 May 2021 03:14:09 GMT
expires
Sun, 09 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
28001
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 575F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 08 May 2021 10:58:05 GMT
expires
Sun, 08 May 2022 10:58:05 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1DBF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41bc156e6475013e7b7f1ad4ab38456dcf4069e4c8cb507f6c2654af4548bd2b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D5DF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
817c9c73e27e9661585ef0fac06feb9770272594c3a3e53a35b29924cced9d2b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F69 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 09 May 2021 11:00:50 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 1DBF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 23:13:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
age
388034
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Tue, 03 May 2022 23:13:36 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame D5DF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 23:13:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
age
388034
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Tue, 03 May 2022 23:13:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C2B7 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 09 May 2021 11:00:50 GMT
dpixel
cms.quantserve.com/ Frame 6377 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH5HXRWUvvZu7JR8PSlzu78&google_cver=1&google_push=AQvitUL9ZFDrd8XBrGYSX5D8doY5wOANC1L2KaYKjLdCHMretCS05XSGcFHriEvne2Uzz3ZfeKFq87a12ahLVgjQ4sVtERRPf9GL
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6377
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOyxh_UjzNRa_p3VuAFT4Uw&google_push=AQvitULykpFWLuwDbhiSnDX9gkrHmmzKsgUDSiTNs8FFKcJuZ3D2MQCtAg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOyxh_UjzNRa_p3VuAFT4Uw&google_push=AQvitULykpFWLuwDbhiSnDX9gkrHmmzKsgUDSiTNs8FFKcJuZ3D2MQCtAg0C25108aGNus-POUUH_qLezXMR9YlenrozjwwMv-0y7A
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1620471651.658569,VS0,VE98
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOyxh_UjzNRa_p3VuAFT4Uw&google_push=AQvitULykpFWLuwDbhiSnDX9gkrHmmzKsgUDSiTNs8FFKcJuZ3D2MQCtAg0C25108aGNus-POUUH_qLezXMR9YlenrozjwwMv-0y7A
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 6377
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESENs3cFgkVChJSsxpudK62ZY&google_cver=1&google_push=AQvitUL0KwP_xJlZc6uPpJOt5C1K2fXyXM-ThCc5zcVKvOSGP95scOp73QNbTPXzAkneC...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUL0KwP_xJlZc6uPpJOt5C1K2fXyXM-ThCc5zcVKvOSGP95scOp73QNbTPXzAkneC6-xIDoZQfIlWZzxgC2uRgCsZDYEYXricA&google_hm=QW55S0h3U0VHVXB2WHAtYW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUL0KwP_xJlZc6uPpJOt5C1K2fXyXM-ThCc5zcVKvOSGP95scOp73QNbTPXzAkneC6-xIDoZQfIlWZzxgC2uRgCsZDYEYXricA&google_hm=QW55S0h3U0VHVXB2WHAtYW1OMThYdXc=
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUL0KwP_xJlZc6uPpJOt5C1K2fXyXM-ThCc5zcVKvOSGP95scOp73QNbTPXzAkneC6-xIDoZQfIlWZzxgC2uRgCsZDYEYXricA&google_hm=QW55S0h3U0VHVXB2WHAtYW1OMThYdXc=
Date
Sat, 08 May 2021 11:00:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 6377
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESELy0a5gLuNaayQyI5dF8b5k&google_cver=1&google_push=AQvitUKBPWr4JEuMrgtAw748OHXxGmN5L9WbVvwNBTfhuvOPSfcLWSCU3ZN49ICdV1Lj5OXty6MoAK94ybnnKCIo2Y0OlwA...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZDdqMTIwUVZiNzJt&google_ula=2046794&google_push=AQvitUKBPWr4JEuMrgtAw748OHXxGmN5L9WbVvwNBTfhuvOPSfcLWSCU3ZN49ICdV1Lj5OXty6MoAK94yb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZDdqMTIwUVZiNzJt&google_ula=2046794&google_push=AQvitUKBPWr4JEuMrgtAw748OHXxGmN5L9WbVvwNBTfhuvOPSfcLWSCU3ZN49ICdV1Lj5OXty6MoAK94ybnnKCIo2Y0OlwAhB1r4NQ
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZDdqMTIwUVZiNzJt&google_ula=2046794&google_push=AQvitUKBPWr4JEuMrgtAw748OHXxGmN5L9WbVvwNBTfhuvOPSfcLWSCU3ZN49ICdV1Lj5OXty6MoAK94ybnnKCIo2Y0OlwAhB1r4NQ
Date
Sat, 08 May 2021 11:00:50 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
sync
dsp.adkernel.com/ Frame 6377 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMsv69DceHkSMxYNnS2j8ts&google_cver=1&google_push=AQvitUK_8LbtUMqUooKzdX4aII8kj2lIFwZivED3WmTty-8ubQ1zcsB-HkJZ5pPX617es4SptF-cXLStmx9M8XODQpjhAV0jthtXSQ
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:50 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 6377
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEKONfvfBKIMu8_nbyfr27P0&google_cver=1&google_push=AQvitULZvU75q5_0UwCLXa0KRRzBTWYVwAG04bte1knzud4cpD4i4NW3PUdqcmwYw_jMLJL1Jb4PcJEtQ40nho7QQle_2U8Z5...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&mn_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZvU75q5_0UwCLXa0KRRzBTWY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&mn_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZvU75q5_0UwCLXa0KRRzBTWYVwAG04bte1knzud4cpD4i4NW3PUdqcmwYw_jMLJL1Jb4PcJEtQ40nho7QQle_2U8Z59xoTQ
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:50 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&mn_hm=MjYzNDczMjUwMjExMDY2ODAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitULZvU75q5_0UwCLXa0KRRzBTWYVwAG04bte1knzud4cpD4i4NW3PUdqcmwYw_jMLJL1Jb4PcJEtQ40nho7QQle_2U8Z59xoTQ
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 08 May 2021 11:00:50 GMT
dot.gif
s0.2mdn.net/ Frame 6377 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEL95n9JCJyk6PybzVB7UXY8&google_cver=1&google_push=AQvitUInq9Th-peP5O8Q0QdQc4YbkDXzZZoVXBZcsiRTmmyGx19eImaTIfu0xcA36Xy3M5w-uAbPCdJT94BWaNqO273FXvNKlK6ZnZo
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 09 May 2021 11:00:50 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6377 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2twbk96LLhy6ONax5w4gSdK0aU4hH8ND3a-jx_YyRLQ7ChUkOoNxGCJA8aWhVE5SzoIE3IA
Requested by
Host: 76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
URL: https://76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 506A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFGYLsj-AZHom8yiWaw9AW0&google_cver=1&google_push=AQvitUITucyilXgxW6ocwWJWLUNf0K1mndbfwdEIiiNwmGmoi2m0Jr2TNQV-eZtOOlp04HS2CsZqMs1b-bti2WeIty9TJBZvZjvz
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk4MTY4NzgzNDczMTQ0MTAzNw==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFGYLsj-AZHom8yiWaw9AW0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFGYLsj-AZHom8yiWaw9AW0&google_cver=1
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFGYLsj-AZHom8yiWaw9AW0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 506A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUdkb2tZTTYxTEZrSHc1&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cver=1&google_push=AQvitUIaPqvSDIklkqQJPtHO9GnlW2P5QhP1hmFD5xHQQcS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUdkb2tZTTYxTEZrSHc1&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cver=1&google_push=AQvitUIaPqvSDIklkqQJPtHO9GnlW2P5QhP1hmFD5xHQQcSl8jZIgv9ROOIsXBQ6deNzH7sHe1VeWDAGKvQLUqh-WFufCjLWIPp7
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:49 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUdkb2tZTTYxTEZrSHc1&google_gid=CAESEBuKmJAlApCamb4IOBiZMbo&google_cver=1&google_push=AQvitUIaPqvSDIklkqQJPtHO9GnlW2P5QhP1hmFD5xHQQcSl8jZIgv9ROOIsXBQ6deNzH7sHe1VeWDAGKvQLUqh-WFufCjLWIPp7
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 506A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIHLyeMQGSVMs4sw6K-PM2o&google_cver=1&google_push=AQvitUKf8mw1CVK8_2sHLVbAvP7XIPSkwU2_KVWcEisIVMVKWX5hSMDBxYIiWDWc2R0YijxYTg34Y552LB-rge-KOTO-9erjNxGm
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1F786A6BD84D76A516B48834249AD9&google_push=AQvitUKf8mw1CVK8_2sHLVbAvP7XIPSkwU2_KVWcEisIVMVKWX5hSMDBxYIiWDWc2R0YijxYTg34Y552LB-rge-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1F786A6BD84D76A516B48834249AD9&google_push=AQvitUKf8mw1CVK8_2sHLVbAvP7XIPSkwU2_KVWcEisIVMVKWX5hSMDBxYIiWDWc2R0YijxYTg34Y552LB-rge-KOTO-9erjNxGm
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 08 May 2021 11:00:50 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FF1F786A6BD84D76A516B48834249AD9&google_push=AQvitUKf8mw1CVK8_2sHLVbAvP7XIPSkwU2_KVWcEisIVMVKWX5hSMDBxYIiWDWc2R0YijxYTg34Y552LB-rge-KOTO-9erjNxGm
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 07 May 2021 11:00:50 GMT
pixel
cm.g.doubleclick.net/ Frame 506A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOpYJCpM2BdaOSgWZebV43I&google_cver=1&google_push=AQvitUI1Spov1rIsvSB7ab79ULZKkJorur75sWuD3nUM7I91na9LPBoS39LdyvS-wfjrj6DFJt_4WQ-hgvU2QTFS...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=511Mfd2OSSiddGDXsvaByw2&google_push=AQvitUI1Spov1rIsvSB7ab79ULZKkJorur75sWuD3nUM7I91na9LPBoS39LdyvS-wfjrj6DFJt_4WQ-hgvU2QTFS6UhFZ1x5sCDm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=511Mfd2OSSiddGDXsvaByw2&google_push=AQvitUI1Spov1rIsvSB7ab79ULZKkJorur75sWuD3nUM7I91na9LPBoS39LdyvS-wfjrj6DFJt_4WQ-hgvU2QTFS6UhFZ1x5sCDm
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 08 May 2021 11:00:50 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=511Mfd2OSSiddGDXsvaByw2&google_push=AQvitUI1Spov1rIsvSB7ab79ULZKkJorur75sWuD3nUM7I91na9LPBoS39LdyvS-wfjrj6DFJt_4WQ-hgvU2QTFS6UhFZ1x5sCDm
x-host
tde-deliveryengine-production-856496475-zdlrn
alt-svc
clear
content-length
0
us.php
c.eu1.dyntrk.com/adx/ga/ Frame 506A 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELFRlLSZ3Ejlf2BLkvS96cM&google_cver=1&google_push=AQvitUIyle71OLLUieeXrX_gxaMXWYlJ6UGqJdd2xz9XRhG2jRYL_G0mA1vqKEbXrWrDP7uEH5qwkAGaMWuaho4oBWeRVFcg7K_D
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193670.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
exptsync
ads.yieldmo.com/ Frame 506A 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEAkeofA6qeOCE9pkNGfvh6Y&google_cver=1&google_push=AQvitULztBgQMiq9oB-C0CTnraQRd4e0MdDzqBnEk89KiUjQOT4mR9aSpQ1OyskGdCB_mNQzWn5PFSZE4eZVl5RWnkkB5U5Zm9pl
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.100.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
/
cc.adingo.jp/adx/push/ Frame 506A 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEBzpjD4hZJvSzMGk8Ruchw0&google_cver=1&google_push=AQvitUKj-RhQQsGfsRnjdO1Jw7E1pfG0goIM3prsnKckLhpTaSwn_Yh9c4b84LJ5UDyPRJQogTNH9I-SI5apyyWgzupGNC8Ixaj6
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.53.220 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:51 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 506A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L29YNrWAIqCTtaz_XpQMUup6YyBkf4Hbr8P05bU40SZUoubPiQyMp4cpgnValtKpDDqBKp
Requested by
Host: 29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
URL: https://29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo.js
pagead2.googlesyndication.com/bg/ Frame 0FBA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c492e57f28b3160f9025f7b8829a40e08c669bfeb5fe804e9b66b433452654a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 06:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
15708
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sun, 08 May 2022 06:39:02 GMT
XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo.js
pagead2.googlesyndication.com/bg/ Frame 575F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XEkuV_KLMWD5Al97iCmkDgjGab_rX-gE6bZrQzRSZUo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c492e57f28b3160f9025f7b8829a40e08c669bfeb5fe804e9b66b433452654a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 06:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 10:48:00 GMT
server
sffe
age
15708
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sun, 08 May 2022 06:39:02 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F69 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 09 May 2021 11:00:50 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C2B7 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:50 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 09 May 2021 11:00:50 GMT
/
track.adform.net/serving/unload/ Frame CF66 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=bLXx1jdEq0g_hXGNeQTFOvq94jRlxkhBa1kNGwjzowEvxh-XpDNcCO50O4eLG9r8eMkbe683FEAyL_ktaYre63jJG3uvNxRAQPNcPmp1msb9ZHJXNHCAYtfa1V5pKn9Rs1lHRlBGvbQ1&unload=8545480290022290403@@45642394,188517228315931820,100|1114|0|0|0|0|0|0|0||371|0|1931|547e9cee13404c56a91b1c65ee4e4cbe|||1|0|0|MbWH8w1JPFh5lT90q-mtzd6Q0FnG0ITNDj-Itu-fBlQALE75NvPaF8RrCHZXs5_srbm0Fun4sOPrtsVLAYaTj7sL3z22sbC6SKAx7GJGBSZkAW6OdCBF7A2|EnuD05QSDpjy1F7SNpPYWfs9APOQ3NaGxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrqwIk5e04NStgT3v5svbYOW6ju9TOUYjNtzMdZ1buOT-C4j6hPy6qDhlJ0QIrUe_VXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OzqaJiGF9SP01UJNdESrjx0|1|11|0
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame CF66 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8545480290022290403@@45642394,188517228315931820,100|1114|0|0|0|0|0|0|0||371|0|1931|547e9cee13404c56a91b1c65ee4e4cbe|||1|0|0|MbWH8w1JPFh5lT90q-mtzd6Q0FnG0ITNDj-Itu-fBlQALE75NvPaF8RrCHZXs5_srbm0Fun4sOPrtsVLAYaTj7sL3z22sbC6SKAx7GJGBSZkAW6OdCBF7A2|EnuD05QSDpjy1F7SNpPYWfs9APOQ3NaGxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrqwIk5e04NStgT3v5svbYOW6ju9TOUYjNtzMdZ1buOT-C4j6hPy6qDhlJ0QIrUe_VXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OzqaJiGF9SP01UJNdESrjx0|1|01|0
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame CF66 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/Serving/Event/?bn=45642394&event=178&time=2&baid=44789959&name=Viewable%20impressions&imprid=188517228315931820&icid=8545480290022290403&eData=nzEewDe6I5t_eFPRWe9khkIEmS02EQT_Nv9eZnf1nu2LGnSjla2oOQk5zV0hzpRCDx1K8ZNxr0on6KVc5T7UIlYpKObaBerlDM52Dr38TbNNuhYcHObP8QUi4VqJUE1BaOJDsqAYsG41&adxvars=EnuD05QSDpjy1F7SNpPYWfs9APOQ3NaGxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrqwIk5e04NStgT3v5svbYOW6ju9TOUYjNtzMdZ1buOT-C4j6hPy6qDhlJ0QIrUe_VXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OzqaJiGF9SP01UJNdESrjx0&rtbdata=ZDjHwIaYSBFaejxQuQEe0QEfGVffnz8_3kT63gyFyr1N4W3sxBQ98op-Brszzkea6sYh8PKVwwWOxU9WWFinwML6Cb7gV_qqpP-0GKyfsUAEl2bPuYbvCg8V89Nj13ZtlM-qvnsIwQ7DeIjrSAcYFw2&rtbwp=oYeDAySWWiI1&rnd=738076260
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F69 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050401&jk=2500642485514889&bg=!REelRwPNAAYP3QOmD907ACkAdvg8WjgSnw5yXvYmO01s2f6p3ZzCX-l3SDMuvaNulB6n7dTYVEABXQIAAABuUgAAAAxoAQcKAAjdI-mh91jlkpkCbtHVxUZZZkEPLXDatEs5Q0oYwdqfpPB-s4w2JsWBlXtYiDRPV_Xct5dL9M95Nv0XKhGjPrZKN9J8pvmHzl61eRCI-PNwtiRJ-A2nSA4BYfm4e6DzCOrjjiy1dw-K-LcFS6aYmVJkHgPQDiGDrV8i0lgeg8pzocHPXGFYl_GpXXT5DAFwid7_0gzb8tKP-dMFGoGmoUegudjRsDKhlSrvyBIGsXgjLBZT_mz2YDg2lBBQiVPlK6ndvNw7HBGX5wL7xc7gjhBhzvoeVEaE1d7KAIaJBj1rJQY5o3w6d7lad1wG21lRuYYzN6qk-5w65gv7GRDU5dKvDKup1Zyus9yzwyNBT2vesKRX2ZsvfwBMPSnT3z00uOqmamTHzWaelCZElPtNo-_by6tBTFJSJ7iff5UATzQsfv1Os-74Q5SJIfFfREnv9TGue1Qlu74nAonh-Dge1ynv4VbnL0OFYYBz4CLzLkcDaLCILtpZ1hvmN-gmLCEt-USbWV2uSblG9xLneReuwIXIVg14q08WWfXDOZ2iaQkHXsEFM5omrXHJt4v2jTz9IvkHOAbPkyLxF_qeJKbH2Yy4MfH5wS1Dky_nkcDLRvbPQ7B-l29AVX07y06IHb89ZMesMiW0XIqg_C95doHRIg6Hshm6d8VeBUA-th_E747PUuCUmoKBZ8mrOiI-C-o-dOPmfhNseof0Oi2oVdZ_iRDFWjetxAFlt63eATF6R9AU3jUVyK1YB5vzv6DaPpfW77RkGRF_zr0Mi7sxnbrph4xncYUEnTuBwKOPq_w9y2T9qU_3pWC4oCaHmyFWHNOJmMUMC_ieTIX-FW8
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2B7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021050501&jk=2764177247216166&bg=!bm2lbSnNAAYP3QOmD907ACkAdvg8WiQOjXdqnEd0vAK9uDM08SUq2eS71WmbPwhnCHDaaed8BXYNpgIAAACBUgAAAA1oAQcKAOZjuPncW_k-kjafxqik-vNGfv4JSXfnvlTo8TvpYAybD0jlviovPjD2xgFkx5F6usjwHwtV3CbcxxjAN8K_GztBqc7-LzqkhIugUl41ODCt-tBkqwK9dep7P4soZwnz2pM8aMqOedNakmiYNxWc2hbwF5TOZaHOU8Q6qc7lKpFUM2STyySR4qPf9q4hWdkmm65dGEDKCOmbHm8gOjnE9appMivtegS4-0iiPpeKwisA5Er5n4aF9_A9vEx0VeR6ceNNDeVsQkmB1ua7bsMdcId0Nr-iV4JoOdI1n1PAHQtDqiwKdDJTNJkCeZA-ovD7FDyUleJh_IJWS3LUjcKI8rY9K8JxF0Kyek6hKsGxUt-YhME1yhIfn2noj5zOMrl6ntDtiyq3vrpNnwwOr1-7seqzzztBwgKjpCMbDM0mI-Xqy4iENYSSnLZ4ikJGh1N6p4iQNnkAhVXDmAldLfR286zQrafuC5a2rMwpvXG8XoqzfEsknMtKijrwwJXyIgHtqV89Oxce6EXBBP6by4mOQK7YkJuJTjRnErtS-C0d_FeetD-69v5BEMpgiqXLjiARI4246qv9eJShxBANnVQBen26DTR6kFXFeCmaZgQjTMRJRs4FGXm_M7lXz7WJfuDc8NLvkUr_FXfGWt-IE5yytDwCbQyJX213Th3v3J2lBZK4LL8nRTM6jrsrVdYCbUNNiAkdv-cJpP5pMarRN1YukicqEJnCkAyGkOTpJdav9bJCsUjBzf4VOLhlzo62D_GkKepcicQXmnrSxhPK3nWRxTBK5nTXoFnAOwTrq0R04Ah4VGiZd7iu8YhfF9BNdJtDBNkA9bL0d8rOrq8MYo0IuwHhrpQApfWqqScfT7VsxDn5YK1kO_ztDlTI-j3BGieArQ80qmsuSJ1Km6sS9ZavxLI6Kr4kURxJs0vR9XslHCUWMisdbKYdDL9kx74BL3-5_J6C2LSSSR1FIjZ-xsbmNadm_GBMYbpc6TCUFZ-hHT2g8CNCajhcl-zDRylUvEbNE1VaW-7D-fp1n1DtaiLU8T-_R3MQh-rkedTSP05TvBtc8xjpi3jHcPz9g-PrFgn96GFuA9ZzTu2tK2yEEjQLZ6bZj7AVaNRnPlBBmFq0VUigr6jaEWbl7SCheSLLv92Kov_wcw
Requested by
Host: rus.delfi.ee
URL: https://rus.delfi.ee/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 7DFB 		0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=rus.delfi.ee
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=rus.delfi.ee
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1494
date
Sat, 08 May 2021 11:00:51 GMT
content-length
0
truncated
/ Frame C2B7 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77961ad715016b5da753cdc9b9dbaf1f1732c28a8214f866fa08b28892083d58

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8F69 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77961ad715016b5da753cdc9b9dbaf1f1732c28a8214f866fa08b28892083d58

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0C63 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rus.delfi.ee/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 08 May 2021 11:00:52 GMT
Age
21756
X-Served-By
cache-lga21935-LGA, cache-cdg20726-CDG
X-Cache
HIT, HIT
X-Cache-Hits
1, 115806
X-Timer
S1620471653.757190,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame F9EA
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
668 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
64fd71b8bb460fb9e9a94303f6515df02d0388762ca6adcd29b38354bd702050

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=9d5de696-fede-0d1c-020a-b1103252cd4c|1620471652
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=9d5de696-fede-0d1c-020a-b1103252cd4c|1620471652; Version=1; Expires=Sun, 08-May-2022 11:00:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620471652|gekin0vNiygu; Version=1; Expires=Sun, 23-May-2021 11:00:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 May 2021 11:00:52 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=9d5de696-fede-0d1c-020a-b1103252cd4c|1620471652; Version=1; Expires=Sun, 08-May-2022 11:00:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
date
Sat, 08 May 2021 11:00:52 GMT
content-length
0
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 0888 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rus.delfi.ee/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:00:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
load-cookie.html
user-sync.adxpremium.services/ Frame A27A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method
GET
:authority
user-sync.adxpremium.services
:scheme
https
:path
/load-cookie.html?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

date
Sat, 08 May 2021 11:00:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d21a0ebbc51a8952d26d2bab63fd28cc41620471652; expires=Mon, 07-Jun-21 11:00:52 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Fri, 26 Feb 2021 09:17:16 GMT
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
09ed3c397100004dd606aea000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D8GU7nv%2BaNNy0k9e%2B0Dgr3Mr4ZztwP4v%2Busao9ltRmExvxmH4N1Gqnl8VTKy2l0%2Brun%2FTlUXAiyvJFFV7R%2FbZn4KNp8bUwNs6jWbIe72MAKyB4ScCL8C5qre%2BBmI70k%2B8oPbDYcMbCFSJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fd589904dd6-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame F495
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-iframe
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
658 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c79e814078bb2afb3adcf19e8b6a0f38177d326b743de187bb37a93feec3ffbf

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe?crf=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=04a15c81-ae22-5280-80ca-3c91e05c53f5; ut=YJZvZAALE_Dzygf-Do4wa91TnASViTAyPGwKrw==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658

Redirect headers

location
/sspmatch-iframe?crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
dc=lux1; Max-Age=315360000; Expires=Tue, 06 May 2031 11:00:52 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=04a15c81-ae22-5280-80ca-3c91e05c53f5; Max-Age=315360000; Expires=Tue, 06 May 2031 11:00:52 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=YJZvZAALE_Dzygf-Do4wa91TnASViTAyPGwKrw==; Max-Age=315360000; Expires=Tue, 06 May 2031 11:00:52 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Tue, 06 May 2031 11:00:52 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length
0
cookie_sync
user-sync.adxpremium.services/ Frame A27A 		2 KB
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/cookie_sync
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 May 2021 11:00:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c3aba00004dd615a77000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GleurTf9B12fiXyI4b%2BPbl%2FLDYOjY9Uum7EX4DDahBVGqMYUSEfhweqWmzBdhYpV0E%2BvpyVYDIDgwzFz2kzax28%2Bo0pi6%2BbJbFrcSN85TyzBjy0QaICxLKAVpR6eZ%2FYZdo66d3abH3MZlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user-sync.adxpremium.services
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
64c22fd78e784dd6-FRA
expires
0
pd
eu-u.openx.net/w/1.0/ Frame 80C0 		668 B
717 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
64fd71b8bb460fb9e9a94303f6515df02d0388762ca6adcd29b38354bd702050

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=9d5de696-fede-0d1c-020a-b1103252cd4c|1620471652
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=9d5de696-fede-0d1c-020a-b1103252cd4c|1620471652; Version=1; Expires=Sun, 08-May-2022 11:00:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620471652|gekin0vNiygu; Version=1; Expires=Sun, 23-May-2021 11:00:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 May 2021 11:00:52 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
load-cookie.html
user-sync.adxpremium.services/ Frame 8B46 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method
GET
:authority
user-sync.adxpremium.services
:scheme
https
:path
/load-cookie.html?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

date
Sat, 08 May 2021 11:00:53 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d5d354240b8fac159a0361d19e8d87aa51620471653; expires=Mon, 07-Jun-21 11:00:53 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Fri, 26 Feb 2021 09:17:16 GMT
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
09ed3c3ac300004dd6c2105000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eznU2N3zYDjAF5J4XjW37O0KSB7JO8kAm%2ByaYxa0utEwWhaktv8CYYWLIpNmwC8he7yWdq0wdHHT69hCcygaStJw3bwFlt0XHVOpVF5wrobd6pg6EOouo2hLrs%2FXJqbd5AkFAB2c5sArLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fd79eac4dd6-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame 7229 		658 B
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
32af77105549407dc4852de9f80c38efdd4ff752eff9c76c93ea014fb2cd87e2

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rus.delfi.ee/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=04a15c81-ae22-5280-80ca-3c91e05c53f5; ut=YJZvZAALE_Dzygf-Do4wa91TnASViTAyPGwKrw==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658
usync.html
eus.rubiconproject.com/ Frame B9EB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rus.delfi.ee/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:00:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6465 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rus.delfi.ee/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rus.delfi.ee/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 03 May 2021 04:58:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 08 May 2021 11:00:52 GMT
Age
21756
X-Served-By
cache-lga21935-LGA, cache-cdg20726-CDG
X-Cache
HIT, HIT
X-Cache-Hits
1, 115807
X-Timer
S1620471653.794892,VS0,VE0
Vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame F9EA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=14b06096-6f64-4700-9fc3-162def39c554
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=14b06096-6f64-4700-9fc3-162def39c554
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 08 May 2021 11:02:39 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=14b06096-6f64-4700-9fc3-162def39c554
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:38 GMT
sd
us-u.openx.net/w/1.0/ Frame F9EA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F9EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3665908147143768479
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3665908147143768479
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3665908147143768479
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame F9EA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=4ef1d9cf-5759-32eb-58dc-79f85675feb1&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F9EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F9EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICCL25lu0gk68HIjq2ztnw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICCL25lu0gk68HIjq2ztnw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICCL25lu0gk68HIjq2ztnw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 80C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=662a6096-6f64-4b00-80a9-611ac97ecd1c
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=662a6096-6f64-4b00-80a9-611ac97ecd1c
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 08 May 2021 11:02:39 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=662a6096-6f64-4b00-80a9-611ac97ecd1c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:38 GMT
sd
us-u.openx.net/w/1.0/ Frame 80C0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=PiAV3j52GtwlcknRbSQB2j0kG9Elc03ebCmeNrtk
pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 80C0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077501391473957490
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077501391473957490
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077501391473957490
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 80C0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=4ef1d9cf-5759-32eb-58dc-79f85675feb1&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 80C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjI5ZTBhMDUtOWUyZS02YzRmLTRkM2MtMjM0MTljOTczMGQx&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 80C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUkpAhlksRW6FthBhhNzz4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUkpAhlksRW6FthBhhNzz4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUkpAhlksRW6FthBhhNzz4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 0C63
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:52 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid
018af4b5-7aaf-4914-af7e-16edac173a5d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:52 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
158f0007-7bf0-4109-9d68-ba1545942334
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ads.betweendigital.com/ Frame F495
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=9c497d83-c0c6-42cf-b0d1-8da5dbde543e
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=9c497d83-c0c6-42cf-b0d1-8da5dbde543e
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
date
Sat, 08 May 2021 11:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame F495
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:53 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f5-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame F495
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8bf2fa182cf8f561da7d3412
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8bf2fa182cf8f561da7d3412
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 08 May 2021 11:00:52 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8bf2fa182cf8f561da7d3412
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
match
ads.betweendigital.com/ Frame F495
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNaIBEKgB6X6v7BHrilMMxHptL-8*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjk3tmEBmIkMDRhMTVjODEtYWUyMi01MjgwLTgwY2EtM2M5MWUwNWM1M2Y1ogEQqAHpfq_sEeuKUwzEem0v7w**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjk3tmEBmIkMDRhMTVjODEtYWUyMi01MjgwLTgwY2EtM2M5MWUwNWM1M2Y1ogEQqAHpfq_sEeuKUwzEem0v7w**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 08 May 2021 11:00:53 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 293A 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=952735
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.254.23.213 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=952735
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=04a15c81-ae22-5280-80ca-3c91e05c53f5; ut=YJZvZAALE_Dzygf-Do4wa91TnASViTAyPGwKrw==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Sat, 08 May 2021 11:00:52 GMT
content-type
text/html
last-modified
Fri, 23 Apr 2021 10:45:01 GMT
etag
W/"6082a52d-1080"
content-encoding
gzip
match
ads.betweendigital.com/ Frame 7229
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=662889f9-a97e-4d39-ad38-febbb748d72e
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=662889f9-a97e-4d39-ad38-febbb748d72e
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=30006527-a637-42be-8eb7-15ad3061b1ce&ssp=between&expires=30&user_group=5&bsw_param=662889f9-a97e-4d39-ad38-febbb748d72e
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
date
Sat, 08 May 2021 11:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 7229
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:53 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f5-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u7LcVlZdq143.AikABlF5S6Miew
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 7229
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNaIBEKgB5g6v7BHrilMMxHptL-8*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhjk3tmEBlIFvp7KygpiJDA0YTE1YzgxLWFlMjItNTI4MC04MGNhLTNjOTFlMDVjNTNmNaIBEKgB6X6v7BHrilMMxHptL-8*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjk3tmEBmIkMDRhMTVjODEtYWUyMi01MjgwLTgwY2EtM2M5MWUwNWM1M2Y1ogEQqAHpfq_sEeuKUwzEem0v7w**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 08 May 2021 11:00:53 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//ads.betweendigital.com/match?bidder_id=18&external_user_id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
match
ads.betweendigital.com/ Frame 7229
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=42d7ca0490d857002311dbb2
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=42d7ca0490d857002311dbb2
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sat, 08 May 2021 11:00:52 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=42d7ca0490d857002311dbb2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame 6772 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=848224
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.254.23.213 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=848224
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=04a15c81-ae22-5280-80ca-3c91e05c53f5; ut=YJZvZAALE_Dzygf-Do4wa91TnASViTAyPGwKrw==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Sat, 08 May 2021 11:00:52 GMT
content-type
text/html
last-modified
Fri, 23 Apr 2021 10:45:01 GMT
etag
W/"6082a52d-1080"
content-encoding
gzip
usync.js
eus.rubiconproject.com/ Frame 0888 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55023
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
bounce
ib.adnxs.com/ Frame 6465
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:52 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.151:80
AN-X-Request-Uuid
d93dc942-f305-483e-8ce1-04bb8bd192f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:52 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid
b24b0ffc-1445-445d-9027-fc07d64eb647
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B9EB 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55023
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
khaos.jpg
token.rubiconproject.com/ Frame 0888 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
match
ads.betweendigital.com/ Frame 293A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=between
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=875739026593431141&expires=30&ssp=between
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
date
Sat, 08 May 2021 11:00:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 6772
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=662889f9-a97e-4d39-ad38-febbb748d72e
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=30006527-a637-42be-8eb7-15ad3061b1ce&ssp=between&expires=30&user_group=5&bsw_param=662889f9-a97e-4d39-ad38-febbb748d72e
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=662889f9-a97e-4d39-ad38-febbb748d72e
date
Sat, 08 May 2021 11:00:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync.html
s.adtelligent.com/ Frame 7E6E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=601760
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
VertaMedia 1.0
Date
Sat, 08 May 2021 11:00:52 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
736
Access-Control-Allow-Origin
https://user-sync.adxpremium.services
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
cookie_sync
user-sync.adxpremium.services/ Frame 8B46 		2 KB
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/cookie_sync
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 08 May 2021 11:00:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09ed3c3c0800004dd6f027d000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FhR9ebOmkbGasyVmqje8gD%2FOizKcmSRM81eDUGOglsUSdwfb8kkWWrob0c8dBj%2B20ZO0hktWn8o%2FcjaNtzvpZU%2FeJFNp%2BRP9sNO%2B6KDQ8ttbZNvWl7CP67O3CCTJOrJBk%2FrGVCyuBLfjZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user-sync.adxpremium.services
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
64c22fd9abb04dd6-FRA
expires
0
csync
sync.adtelligent.com/ Frame 7E6E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:53 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
i4madtv03nmsoref6m8mia3hr9qt5e9e
csync
sync.adtelligent.com/ Frame 7E6E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:53 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid
1b837f7b-3462-407d-9ca9-f388cd305055
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
rtb.adxpremium.services/ Frame 7E6E
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
0
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5PVr%2BSjZLonTis2G2QDydOhuzetCs1An0ALzDj3wJJFAFczyTG5v4UhXlzeOLjMcl9Uy28TzUz2C1KOZP%2B148WIbqa%2FKPRtgSNXIn5TqMc1sPoYJAjA7jk5%2BnRiBIjt26NMOtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
64c22fdb3ffe4dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c3d0800004dd63086a000000001
expires
0

Redirect headers

Location
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
Date
Sat, 08 May 2021 11:00:52 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
sync.html
s.adtelligent.com/ Frame 2BBE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=601760
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
5b5539135143814703c866c2b8561b50641478c3996afafed0de64dc13eb67ff

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
VertaMedia 1.0
Date
Sat, 08 May 2021 11:00:52 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
743
Access-Control-Allow-Origin
https://user-sync.adxpremium.services
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 2BBE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:53 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid
8627312b-b7e3-47e2-9a54-46ef203a98da
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4318781350889431294
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 2BBE
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=772f5600-eec6-0102-3350-b9edd72e3c3c
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
u1h8gn1nj6d9l9r3ss206vavt1fb5njl
setuid
rtb.adxpremium.services/ Frame 2BBE
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
0
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eb6OgpZIwHmHISipQiaUeErd5HiP2O7dcROml3xLqMC4nmEMqfRed1GFxmCOK5%2FHWiYHHjTWKPG7Pxuh7H3s1wGZwPW1m5WbEJMzy5hwqFtAfMtCUeoZRy5PS%2BSq3LWdCfqdxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
64c22fdd8f734dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c3e7c00004dd61293b000000001
expires
0

Redirect headers

Location
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=c04b45ba947ec6ef
Date
Sat, 08 May 2021 11:00:52 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
C7CDA3FD002FF091
an.yandex.ru/setud/adsniper/ Frame 6772
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=m9YRmPhGU2Q1WG%2BWu0RYVw&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?sign=1912316256
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:54 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:54 GMT
C7CDA3FD002FF091
an.yandex.ru/setud/adsniper/ Frame 293A
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a801e97e-afec-11eb-8a53-0cc47a6d2fef&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=m9YRmPhGU2Q1WG%2BWu0RYVw&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=m9YRmPhGU2Q1WG+Wu0RYVw&extra2=aidata&google_gid=CAESEAQUvmtZ1pT8UVtoViv_l6E&google_cver=1
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?sign=1912316256
  • https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:54 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/setud/adsniper/C7CDA3FD002FF091?redir-setuniq=1&sign=1912316256
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:54 GMT
async_usersync
ib.adnxs.com/ Frame 0C63 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:53 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid
85fd1786-09b8-4c09-a562-a5397966bc7a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6465 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:53 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
ed453eaf-b4f2-45e3-91bd-df8a5de34069
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
connectmyusers.php
cdn.connectad.io/ Frame F63A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddad95c8c7eff8942c7f3ce00fe95caa91620471654; expires=Mon, 07-Jun-21 11:00:54 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
09ed3c3ea400004e6d4b0ac000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fdddfe64e6d-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
1
sync-eu.connectad.io/syncer/ Frame 8897 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.connectad.io/

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
set-cookie
__cfduid=d77476b40d522f2136569c8b23a5877631620471654; expires=Mon, 07-Jun-21 11:00:54 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09ed3c3ed400004e6d11b5b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fde18e34e6d-FRA
connectmyusers.php
cdn.connectad.io/ Frame E3E6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5a96c09ee1fee03290e26c6116b2a4cf1620471654; expires=Mon, 07-Jun-21 11:00:54 GMT; path=/; domain=.connectad.io; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
09ed3c3ee00000c27c61849000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fde3a4cc27c-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D6DE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=100301
Expires
Sun, 09 May 2021 14:52:35 GMT
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4725 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=100301
Expires
Sun, 09 May 2021 14:52:35 GMT
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
track.adform.net/serving/unload/ Frame CF66 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8545480290022290403@@36867540,6554767510084670850,0|0|0|0|0|0|0|0|0||0|0|1931|eb4ecda123c946c2aefe7249847c2743|||1|0|0|5Gmkb-9LVf15lT90q-mtzd6Q0FnG0ITNDj-Itu-fBlQALE75NvPaF8RrCHZXs5_srbm0Fun4sOPrtsVLAYaTjw5Pz2Pi363F8olCMWCVXMxkAW6OdCBF7A2|EnuD05QSDpgPDAynFSSJ3CmV8zAdCXPtxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrujxciOAuJYtEY1E-DIXNNJjG9J2fw5nANPOZ-KNB9-2VGKAr-MaNlsRzMQZFNLc-nFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OwHGz6B6dJ1w2||11|0@@36862089,3375714516491981332,0|0|0|0|0|0|0|0|0||0|0|1931|4a16552535e147ec859734671200a269|||1|0|0|3j_-rpG5-t15lT90q-mtzd6Q0FnG0ITNDj-Itu-fBlQALE75NvPaF8RrCHZXs5_srbm0Fun4sOPrtsVLAYaTjzjJwYFkGRDPeaosEFo_vuNkAW6OdCBF7A2|EnuD05QSDpiu7n-9lBY4jCmV8zAdCXPtxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrlJDhi0Lcj87WFftp9anb_SLx3d_NpjMpSm8LE9L9O6i9vPntZY8cOjfGHYhGEBzsXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OwHGz6B6dJ1w2|1|11|0
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame CF66 		35 B
467 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8545480290022290403@@45642394,188517228315931820,100|4587|0|0|0|0|0|0|0||1529|0|1931|547e9cee13404c56a91b1c65ee4e4cbe|||1|0|0|MbWH8w1JPFh5lT90q-mtzd6Q0FnG0ITNDj-Itu-fBlQALE75NvPaF8RrCHZXs5_srbm0Fun4sOPrtsVLAYaTj7sL3z22sbC6SKAx7GJGBSZkAW6OdCBF7A2|EnuD05QSDpjy1F7SNpPYWfs9APOQ3NaGxP1jqr9M9RzBQfF2VmgX3X0ZnuzDZnP9_8hlTmhlwk9evBo7TScIrqwIk5e04NStgT3v5svbYOW6ju9TOUYjNtzMdZ1buOT-C4j6hPy6qDhlJ0QIrUe_VXFNbdWUUaeH25CsXkRpVszMIsS_3pUO00STmTUEMx07yLjKYuCVlIHB9s6arDrHDQD0RPXN0lXnZkzvEnnYVYTyy4wyDeiitL29pwlpr4xG0KaT4vFO-uk41UNF96Y0nDQp39rtC4WSTl_t_VTCgLMftRGS_WD8PKTsr_2RmcZIPt9C3FD8nswul-GXqLpWrSBnTHobYKDLBUn94cul77w4ZkgiY9VG15X46o_19AtyOlu1sCJIBrknCQ_K8fDxXDyAHnhZIXU_zOKB5TeyBcj14kPtH9xaQ8i06k6C3BxSjsnMjdaoSEy7g36-3dGKM4MlVkqfm9RgqGqhgEzk62OzqaJiGF9SP01UJNdESrjx0|1|01|0
Requested by
Host: af1.nh.ee
URL: https://af1.nh.ee/stoat/626/af1.nh.ee/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://rus.delfi.ee
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7EDF 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=52442
Expires
Sun, 09 May 2021 01:34:56 GMT
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame DA17 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=52442
Expires
Sun, 09 May 2021 01:34:56 GMT
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 7EDF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=71061154&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f7e69d250e3f9dff9ff8a545496d4dae4d12ac211b6b876e3cb5d2fd49a1a283

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
setuid
rtb.adxpremium.services/ Frame 8B46
Redirect Chain
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=E2chmAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=4318781350889431294&mpk=E2chmAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4318781350889431294
0
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4318781350889431294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OoIuxJFLVw%2BZASqsNHeSGpeVSrZ1F443MN7B6B5ipYx8Scs5aGjm2dTSH3KUihyy2nX94HoBhks3nDp1sHh6fxPn1v6wNvvTlCj6RUwmIv0gikM3VPTdviwVlhKNAdSaaN0E5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
64c22fe31eab4dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c41f500004dd6f4a7e000000001
expires
0

Redirect headers

date
Sat, 08 May 2021 11:00:54 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bk0lfz9riptRvLcetwKzOFxoZyScK9qG2hPbTpko%2BjqVs4EJiCfEmNCW70MnZbuCVJEMC1gcZ11AQLSAYRMl%2Bq49z48VTYMpr0QLcdio7YGwTHByRF0igAcvwg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4318781350889431294
cf-ray
64c22fe08d372b95-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c405100002b958e211000000001
usync.html
eus.rubiconproject.com/ Frame 05B5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=848224
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame 7C48
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=952735
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cache.betweendigital.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync.aspx
dis.criteo.com/dis/ Frame 0265 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 08 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1374
x-powered-by
ASP.NET
date
Sat, 08 May 2021 11:00:53 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame 8FE2 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
setuid
rtb.adxpremium.services/ Frame 199A 		0
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNS0wOFQxMzowMDo1My42NTkwMjAxOTkrMDI6MDAifQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
content-length
0
set-cookie
__cfduid=d44a057e6a01c60c8802fa697de9159e71620471654; expires=Mon, 07-Jun-21 11:00:54 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Fri, 06 Aug 2021 11:00:54 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IjZERDA1NkIyLTE1QUYtNDA2Mi1BQ0MzLTI2QUUxREU1MDBCRCIsImV4cGlyZXMiOiIyMDIxLTA1LTIyVDEzOjAwOjU0LjczODk0NjE4OCswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDUtMDhUMTM6MDA6NTMuNjU5MDIwMTk5KzAyOjAwIn0=; Path=/; Domain=adxpremium.services; Expires=Fri, 06 Aug 2021 11:00:54 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
09ed3c413f00004dd6c21b2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SE0pJdIzgSW6XfV8WHbKMPaPqkkUbj19elkDIrmOTbo3XIPgD4gCe8mDgGoNeiJvqazPAyuvpRyDCe0tv5aPyEoxg%2FOwGwgtlhliqeiLA052yT8jOTnG0qTYtOSTqVBApLMahA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fe1fbef4dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bdBWshWvQGKswyauHeUAvQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=100301
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 09 May 2021 14:52:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7EDF 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64c22fe03a954e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c402600004e505839b000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 7EDF
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:52 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sat, 08 May 2021 11:00:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DD056B2-15AF-4062-ACC3-26AE1DE500BD&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkREMDU2QjItMTVBRi00MDYyLUFDQzMtMjZBRTFERTUwMEJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
lhrpug006:0:534
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIeMHEcTJY6tORZZiwAxnxU&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIeMHEcTJY6tORZZiwAxnxU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
lhrpug011:0:503
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIeMHEcTJY6tORZZiwAxnxU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7EDF 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 07 May 2021 11:00:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1178f91a-f619-4021-be2b-fd52ea2c0d79
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1178f91a-f619-4021-be2b-fd52ea2c0d79
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:52 GMT
X-lat
amspug020:0:371
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1178f91a-f619-4021-be2b-fd52ea2c0d79
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2077501391473957490
42 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2077501391473957490
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
X-lat
amspug015:0:2540
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2077501391473957490
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:662a6096-6f64-4b00-80a9-611ac97ecd1c&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:662a6096-6f64-4b00-80a9-611ac97ecd1c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:52 GMT
X-lat
amspug014:0:389
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 08 May 2021 11:02:40 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:662a6096-6f64-4b00-80a9-611ac97ecd1c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:39 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7EDF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4318781350889431294&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4318781350889431294&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
lhrpug009:0:457
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:54 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid
87198e1e-7e63-43bf-b10c-31393eb5edd4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4318781350889431294&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6DD056B2-15AF-4062-ACC3-26AE1DE500BD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7EDF 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6DD056B2-15AF-4062-ACC3-26AE1DE500BD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 05B5 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55021
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
usync.js
eus.rubiconproject.com/ Frame 7C48 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55021
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
khaos.jpg
token.rubiconproject.com/ Frame 05B5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 7C48 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
pixel.gif
sync.1dmp.io/ Frame 6772
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dmc-test-dn3
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
date
Sat, 08 May 2021 11:00:54 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
pixel.gif
sync.1dmp.io/ Frame 293A
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dmc-test-dn3
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5&cs=1
date
Sat, 08 May 2021 11:00:54 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
848224
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 6772
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/848224
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/848224
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/848224
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
tns-counter-3.1.0/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
tns-counter-3.1.0/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
tns-counter-3.1.0/1.18.0
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/848224
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
952735
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 293A
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/952735
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/952735
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/952735
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
tns-counter-3.1.0/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
tns-counter-3.1.0/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
server
tns-counter-3.1.0/1.18.0
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/952735
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
setuid
rtb.adxpremium.services/ Frame A27A
Redirect Chain
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=IcqXZAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdmp.rtbsrv.com%2Fdmp%2Fprofiles%2Fcm%2Fap%2FgetId%3Fgid%3D%2524UID%26mpk%3DIcqXZAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZn...
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=4075677591857000862&mpk=IcqXZAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4075677591857000862
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4075677591857000862
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wRpHQWTIsiee9Z%2FIjECtTg6yK02dMXwMoYcoiOlwVhSiyKqtIo3eUz2EXrBWgsWsg9QdeSDm09jAPX%2F%2BHdXeNlZXdIWuerqfWSkptPU95tfFl2xVz%2FKdcVD5VKL0olcPQQ6yFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
64c22fe5ddb14dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c43aa00004dd6d2255000000001
expires
0

Redirect headers

date
Sat, 08 May 2021 11:00:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2BZdaicwXAbf5dozesbrpLbOOOPYC70OLOpLZMY%2BThrhWMGi1hxs42j5PNaHjSVWRVSzOtyDBOq7LLOuGuO9z6BABKqANI4xlDZxJ3MB5kq1cZ7XqgqYF%2F%2FhBA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=4075677591857000862
cf-ray
64c22fe34be52b95-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c420e00002b95a81fa000000001
betweendata
api.rees46.com/profile/ Frame 6772 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.rees46.com/profile/betweendata?rand=848224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.99.242.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
a02.smtp.rees46.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
access-control-allow-credentials
true
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
betweendata
api.rees46.com/profile/ Frame 293A 		43 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.rees46.com/profile/betweendata?rand=952735
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.99.242.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
a02.smtp.rees46.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
access-control-allow-credentials
true
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-length
43
content-type
image/gif
/
ads.us.e-planning.net/uspd/1/ Frame 1327
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
0bab303a3f138e7f38e516ec1465ad01d8a6c20c2ca2e45493f16415fd7da4fc

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

server
openresty
date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AJyklLmAs8M9EvVK; path=/; domain=e-planning.net; expires=Sat, 06-May-2028 11:00:55 GMT; SameSite=None; Secure
expires
Sat, 08 May 2021 11:00:55 GMT
x-sid
AMS-739
content-encoding
gzip

Redirect headers

server
openresty
date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid
AMS-739
RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
sync.targeting.unrulymedia.com/csync/ Frame 293A
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/88d67dc6-6b82-4308-b475-8146225334a2?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/88d67dc6-6b82-4308-b475-8146225334a2?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/88d67dc6-6b82-4308-b475-8146225334a2?zcc=1&dspret=0&cb=1620471655150
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
bvid3kevgpikn2gm1d80
sync.dmp.kubient.net/match/ Frame 6772
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=04a15c81-ae22-5280-80ca-3c91e05c53f5&expires=30
  • https://kdmp.kbntx.ch/sync?from=bidswitch&user=8c063509-5413-4a8a-9e0a-134731244d6c
  • https://kdmp.kbntx.ch/sync?from=bidswitch&user=8c063509-5413-4a8a-9e0a-134731244d6c&cb=1
  • https://sync.dmp.kubient.net/match/bvid3kevgpikn2gm1d80?id=04b0a7ac-50a2-44d8-9251-0d798d15dff3
  • https://sync.dmp.kubient.net/match/bvid3kevgpikn2gm1d80?id=04b0a7ac-50a2-44d8-9251-0d798d15dff3&chk=1
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.kubient.net/match/bvid3kevgpikn2gm1d80?id=04b0a7ac-50a2-44d8-9251-0d798d15dff3&chk=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
34.75.21.179 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
public, max-age=0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
43
x-xss-protection
1; mode=block

Redirect headers

location
/match/bvid3kevgpikn2gm1d80?id=04b0a7ac-50a2-44d8-9251-0d798d15dff3&chk=1
date
Sat, 08 May 2021 11:00:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
um
u-ams02.e-planning.net/ Frame 1327
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4e3cd65fa13600ad
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1327
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7719293512
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7719293512
  • https://sync.1rx.io/usersync/tradedesk/b83adcd0-448d-40af-9582-ee27546db375
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
amspug003:0:486
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
date
Sat, 08 May 2021 11:00:55 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX33dcee800e7a4f45996520cd6c1f810a003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 1327 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 07 May 2026 11:00:54 GMT
tm60118.js
tag.navdmp.com/ Frame 1327 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3545
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
09ed3c42b5000017560b112000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
64c22fe45f611756-FRA
expires
Sat, 08 May 2021 11:01:50 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 1327 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 07 May 2026 11:00:54 GMT
um
u-ams02.e-planning.net/ Frame 1327
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e3cd65fa13600ad%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e3cd65fa13600ad%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
crc00ud46ejq1h555g2k10t7n5h8kqsb
ptag
a.audrte.com/ Frame 1327 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5cd6b036d6efe02a83d8a5671ace48f3c303c219c51c0156fa0f4c2901d11540

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 1327 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:54 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 07 May 2026 11:00:54 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 1327 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4e3cd65fa13600ad%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 1327
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4e3cd65fa13600ad
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 1327
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4e3cd65fa13600ad%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid
932109e9-7cd8-47ab-a4e4-2b16aa413809
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 1327 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4e3cd65fa13600ad%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 1327
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rxspta9E2uEnRQa4iKrxREmQELfDHg__vQ84n7o-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rxspta9E2uEnRQa4iKrxREmQELfDHg__vQ84n7o-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rxspta9E2uEnRQa4iKrxREmQELfDHg__vQ84n7o-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 1327
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4e3cd65fa13600ad%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:02 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
Date
Sat, 08 May 2021 11:01:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 1327 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 0BCE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 22BA 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=100300
Expires
Sun, 09 May 2021 14:52:35 GMT
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 11D5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=52441
Expires
Sun, 09 May 2021 01:34:56 GMT
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 0BCE 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55020
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 11D5 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=47841876&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
46ee74fe75fc92e84a80b2057442bd9c733b81421d187f7f6ceba6782a70007d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
khaos.jpg
token.rubiconproject.com/ Frame 0BCE 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
Pug
image2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBanhMsWO--41ILBR5i06gY&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBanhMsWO--41ILBR5i06gY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
X-lat
lhrpug018:0:512
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBanhMsWO--41ILBR5i06gY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 11D5 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 07 May 2021 11:00:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b82e3e12-87e9-4d90-82b8-6d7ea657a111
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b82e3e12-87e9-4d90-82b8-6d7ea657a111
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
X-lat
amspug019:0:460
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b82e3e12-87e9-4d90-82b8-6d7ea657a111
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1278699865142767615
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1278699865142767615
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
amspug017:0:444
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1278699865142767615
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd1d6096-6f67-4700-8805-4175781ba553&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd1d6096-6f67-4700-8805-4175781ba553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
amspug007:0:470
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 08 May 2021 11:02:41 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bd1d6096-6f67-4700-8805-4175781ba553&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:40 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E0A9 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 08 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1171
x-powered-by
ASP.NET
date
Sat, 08 May 2021 11:00:54 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame FD48 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4075677591857000862&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4075677591857000862&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
X-lat
lhrpug019:0:427
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid
e17c9f32-4bef-4f2f-8cf3-5b9283295c13
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4075677591857000862&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame A645
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872775212169361
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872775212169361
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; KRTBCOOKIE_218=22978-YJZvZwAA1YDoMwA4&KRTB&23194-YJZvZwAA1YDoMwA4&KRTB&23209-YJZvZwAA1YDoMwA4&KRTB&23244-YJZvZwAA1YDoMwA4; KRTBCOOKIE_1074=22956-e_acff90b5-7082-42d5-acba-e18e5aa8b6ae; KRTBCOOKIE_188=3189-no-consent; SPugT=1620471657; chkChromeAb67Sec=2; DPSync3=1621641600%3A219_197_232_201_227_226_221%7C1620518400%3A174; SyncRTB3=1621641600%3A165_54_81_189_161_22_99_222_56_234_21_13_176_88_204_55_166_8_7_104_231_230_3_57_233_71_78_5_220%7C1625616000%3A69%7C1623024000%3A203%7C1621036800%3A2_67_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_860=16335-aFAAAa51QgJP4MWw8-MNt1JmEnI; KRTBCOOKIE_466=16530-88d67dc6-6b82-4308-b475-8146225334a2; PugT=1620471657
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:56 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6959872775212169361; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:56 GMT; path=/ PugT=1620471656; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:56 GMT; path=/
X-lat
amspug014:0:407
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 08 May 2021 11:00:58 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6959872775212169361; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872775212169361
adx
match.prod.bidr.io/cookie-sync/ Frame 8C6B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCLXpVN0JMTjhBQUNyaHF2M1B4Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-40-147.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AAB-zU7BLN8AACrhqv3Pxg; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 08 May 2021 11:00:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 08 May 2021 11:00:55 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge
cm.adgrx.com/ Frame 64DA 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 08 May 2021 11:00:58 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 4875
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1332262949
  • https://sync.1rx.io/usersync/tradedesk/b82e3e12-87e9-4d90-82b8-6d7ea657a111
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; chkChromeAb67Sec=1; DPSync3=1621641600%3A201_227_226_221; SyncRTB3=1621641600%3A165_56_161_231_220_22_55_54_99_230_176_71_88_204_166_81_189_234_21_13_3_7_8%7C1623024000%3A203%7C1621036800%3A67_2_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; PugT=1620471654
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:53 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:53 GMT; path=/ PugT=1620471653; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:53 GMT; path=/
X-lat
amspug013:0:492
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003%22%7D; path=/; expires=Sun, 08 May 2022 11:00:55 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003
etag
RX33dcee800e7a4f45996520cd6c1f810a003
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 9D5E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XCROD12azIZiNqWNh0naWxY0
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XCROD12azIZiNqWNh0naWxY0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; chkChromeAb67Sec=1; DPSync3=1621641600%3A201_227_226_221; SyncRTB3=1621641600%3A165_56_161_231_220_22_55_54_99_230_176_71_88_204_166_81_189_234_21_13_3_7_8%7C1623024000%3A203%7C1621036800%3A67_2_223_15%7C1621728000%3A35%7C1621296000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:55 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:55 GMT; path=/ PugT=1620471655; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:55 GMT; path=/
X-lat
lhrpug013:0:393
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 08 May 2021 11:00:55 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=XCROD12azIZiNqWNh0naWxY0; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=XCROD12azIZiNqWNh0naWxY0
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 9415 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d811e957310e25c0a0ece9525d3c46f241620471655; expires=Mon, 07-Jun-21 11:00:55 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09ed3c434200003140f1274000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fe53c133140-FRA
Pug
simage2.pubmatic.com/AdServer/ Frame 9A5B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658; KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; PUBMDCID=3; KRTBCOOKIE_279=22890-ac34dbde-afec-11eb-97e8-53ce79fe8ad3&KRTB&23011-ac34dbde-afec-11eb-97e8-53ce79fe8ad3; KADUSERCOOKIE=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46; chkChromeAb67Sec=1; DPSync3=1621641600%3A221_201_227_226; SyncRTB3=1621641600%3A54_7_56_22_234_13_3_88_231_21_161_165_176_230_220_71_81_8_166_55_189_99_204%7C1621036800%3A15_223_2_67%7C1623024000%3A203%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_27=16735-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&16736-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23019-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23114-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1; KRTBCOOKIE_409=22966-90Gzu4AKJ63b6uw5iaMCWxY1; KRTBCOOKIE_1074=22956-e_52383a0e-87a9-4f21-8d98-61373b7b4202; KRTBCOOKIE_377=6810-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&22918-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&23031-64082a3e-862e-47dd-9e72-794a06de6253; PugT=1620471661
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:00 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-lat
amspug013:2:287
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Encoding
gzip

Redirect headers

set-cookie
viewer_token=bf016170-e2f2-404d-a128-5b0fea0e7bf2; path=/; domain=csync.loopme.me; Expires=Tue, 08-Jun-2021 11:01:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Sat, 08 May 2021 11:01:01 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame 98E2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aknoeUtlixo8qyTGZcQ7fX2WWfSSdIwQHwKoNPUNH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d0375e95802a5d73270fe7658d7d231a71620471655; expires=Mon, 07-Jun-21 11:00:55 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=ainseFt3er76AxvPAB9XRNmHBXOj4ZbCp6N5VeTsq2FwTM8SWih32925KBHy6DZaBcs9KvBxN5yM0frPn2ZaRjk; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:00:55 GMT; SameSite=None; Secure; ANON_ID_old=ainseFt3er76AxvPAB9XRNmHBXOj4ZbCp6N5VeTsq2FwTM8SWih32925KBHy6DZaBcs9KvBxN5yM0frPn2ZaRjk; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:00:55 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09ed3c43f00000c2dbf98a9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fe649edc2db-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html
set-cookie
__cfduid=d0375e95802a5d73270fe7658d7d231a71620471655; expires=Mon, 07-Jun-21 11:00:55 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aknoeUtlixo8qyTGZcQ7fX2WWfSSdIwQHwKoNPUNH; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:00:55 GMT; SameSite=None; Secure; ANON_ID_old=aknoeUtlixo8qyTGZcQ7fX2WWfSSdIwQHwKoNPUNH; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:00:55 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
475
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
09ed3c43410000c2db5ab8e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fe53fe9c2db-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 1482
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5wQHaOftU62s&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5wQHaOftU62s&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; chkChromeAb67Sec=1; DPSync3=1621641600%3A201_227_226_221; SyncRTB3=1621641600%3A165_56_161_231_220_22_55_54_99_230_176_71_88_204_166_81_189_234_21_13_3_7_8%7C1623024000%3A203%7C1621036800%3A67_2_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; KRTBCOOKIE_218=22978-YJZvZwAA1YDoMwA4&KRTB&23194-YJZvZwAA1YDoMwA4&KRTB&23209-YJZvZwAA1YDoMwA4&KRTB&23244-YJZvZwAA1YDoMwA4; KRTBCOOKIE_1074=22956-e_acff90b5-7082-42d5-acba-e18e5aa8b6ae; PugT=1620471655; SPugT=1620467994
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:55 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:55 GMT; path=/
X-lat
amspug003:0:272
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=5wQHaOftU62s&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=2b0f8d2fb013dffc; path=/; HttpOnly; Secure; SameSite=None
141
match.deepintent.com/usersync/ Frame C8EC 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 08 May 2021 11:00:55 GMT
server
a
um
u-ams02.e-planning.net/ Frame FC0F 		42 B
104 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4e3cd65fa13600ad&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
u-ams02.e-planning.net
:scheme
https
:path
/um?dc=a208d9366469aa64&fi=4e3cd65fa13600ad&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AJyklLmAs8M9EvVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Sat, 08 May 2021 11:00:55 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 11D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TwaJVVMETfWzjmycd_ftqw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TwaJVVMETfWzjmycd_ftqw%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=100300
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 09 May 2021 14:52:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 11D5 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64c22fe518974e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c432c00004e505ab05000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 11D5
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:53 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:53 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwNjg5NTUtNTMwNC00REY1LUIzOEUtNkM5Qzc3RjdFREFC&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEYwNjg5NTUtNTMwNC00REY1LUIzOEUtNkM5Qzc3RjdFREFC&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
X-lat
lhrpug003:0:443
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4F068955-5304-4DF5-B38E-6C9C77F7EDAB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 11D5 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4F068955-5304-4DF5-B38E-6C9C77F7EDAB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hxPmSHxE2uXgqXKP4CMXhuKREAQXxkM-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hxPmSHxE2uXgqXKP4CMXhuKREAQXxkM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:58 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hxPmSHxE2uXgqXKP4CMXhuKREAQXxkM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
X-lat
lhrpug005:0:813
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=QMrhEHsVRmFGJtdVMhUU01JmEnI&user_group=1&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88d67dc6-6b82-4308-b475-8146225334a2&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88d67dc6-6b82-4308-b475-8146225334a2&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:57 GMT
X-lat
amspug007:0:430
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88d67dc6-6b82-4308-b475-8146225334a2&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sat, 08 May 2021 11:00:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9165409399064587149&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9165409399064587149&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
X-lat
amspug013:0:420
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9165409399064587149&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvZwAA1YDoMwA4&gdpr=0&gdpr_consent=&_test=YJZvZwAA1YDoMwA4
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvZwAA1YDoMwA4&gdpr=0&gdpr_consent=&_test=YJZvZwAA1YDoMwA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:54 GMT
X-lat
amspug012:0:520
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620471655.449265,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvZwAA1YDoMwA4&gdpr=0&gdpr_consent=&_test=YJZvZwAA1YDoMwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c82ee408-5ea4-49f6-b65d-f0d305e1c354&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c82ee408-5ea4-49f6-b65d-f0d305e1c354&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:53 GMT
X-lat
amspug019:0:334
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c82ee408-5ea4-49f6-b65d-f0d305e1c354&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 08 May 2021 11:00:55 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 11D5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:56 GMT
X-lat
lhrpug005:0:527
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
amspug009:0:241
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:01 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid
5c0b4664-0c57-4d8b-b494-89ce962e9850
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 11D5
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_acff90b5-7082-42d5-acba-e18e5aa8b6ae
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_acff90b5-7082-42d5-acba-e18e5aa8b6ae
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
X-lat
amspug018:0:493
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_acff90b5-7082-42d5-acba-e18e5aa8b6ae
date
Sat, 08 May 2021 11:00:56 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Cookie set usermatch
ssum.casalemedia.com/ Frame 7697
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae2f89249096099910c2c00dad04acb1f70b65f588a68b0cea4d79eab011f499

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YJZvZ80QyA1irCm.eMbIEwAA; CMPS=1215
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|206|221|90|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1751
Expires
Sat, 08 May 2021 11:00:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YJZvZ80QyA1irCm.eMbIEwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:55 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:55 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:55 GMT CMST=YJZvZ2CWb2cA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 09 May 2021 11:00:55 GMT CMRUM3=6960966f6705a0&2d60966f6705a0&dd60966f6727600&2760966f670b40&e660966f6727600&5a60966f6705a0&ce60966f6705a00&f160966f6705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:55 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 08 May 2021 11:00:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YJZvZ80QyA1irCm.eMbIEwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:55 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:55 GMT
/
spl.zeotap.com/ Frame 689C 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c882f98ed21fcc0f6d4936b6aebe9d768441e720e25e595d76bbd9fce04aac

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html
set-cookie
__cfduid=d1b1ea341fc723474f13e09a52d18ba721620471655; expires=Mon, 07-Jun-21 11:00:55 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=2f43fd45-9bdf-4d62-4265-c5bdb18185df; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%A9%16%0Ay%14%80%AA%99%EEX~%BC%BFCe%8B%97o%99%87%274%9F%28L%9E%12m%5B%84%07j%D5-D%97%24m%A7%F2%F8~J_%AEZ5%7FRFf%17%3F%D7+%C5%21%94j%BA%21W%D5%F3%CBrAL%12%83s%FB%5C%1B%08%C7%D3%11%7BV%993%CB%C0%EBmf%B8h2%046%A9.D%3D%B65%0Am%C8%AAR%F8%23%9A4%21%87%A4D%0Agi%1F%19%0E%FF%2Bu%01%3F%A4%9B%A3%D3%16%D9L%BF%1A%C7%5E%06%B6%0F%EC%5DN%B9%DA%9D%06%CCr%2B%7CB%C4Z%0B%C6r%E5%E7%C6a%F3%CF%E2%90V%B8%E7np%95a; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
09ed3c433600004e508f0e1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fe528cb4e50-FRA
content-encoding
br
/
onetag-sys.com/usync/ Frame CF33 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=952735
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5d1628750185ace
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cache.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
getuid
ib.adnxs.com/ Frame 689C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-49...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPsMWOCOUGM7IFHk7RzMWSM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c...
95 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEPsMWOCOUGM7IFHk7RzMWSM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22fe5cae54e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c439c00004e50901db000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEPsMWOCOUGM7IFHk7RzMWSM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a...
95 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c230011a184e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c54b000004e5040860000000001

Redirect headers

date
Sat, 08 May 2021 11:00:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 689C 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5...
  • https://mwzeom.zeotap.com/mw?cid=b82e3e12-87e9-4d90-82b8-6d7ea657a111&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b82e3e12-87e9-4d90-82b8-6d7ea657a111&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22fe5cae14e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c439b00004e504b94e000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=b82e3e12-87e9-4d90-82b8-6d7ea657a111&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 689C 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1620471658.584874,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11525-HHN
u
dmp.v.fwmrm.net/ad/ Frame 689C 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.50 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:00 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 689C 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=264827c8-cae0-48a2-aa06-4fdc758788c3&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=264827c8-cae0-48a2-aa06-4fdc758788c3&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22fe65c584e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c43f300004e5040aaa000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=264827c8-cae0-48a2-aa06-4fdc758788c3&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=31722095302884908381593485583478235126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-...
95 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=31722095302884908381593485583478235126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c230085eb54e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c593700004e503912f000000001

Redirect headers

DCS
dcs-prod-irl1-1-v005-0d13094cd.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fsfSiNSkQxs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=31722095302884908381593485583478235126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 689C 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021050813-64792-0.870120001620471662-1fb3a0b384e408e9750d8e093170d1bc&zdid=533&env=mWeb
95 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021050813-64792-0.870120001620471662-1fb3a0b384e408e9750d8e093170d1bc&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c230136edd4e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c601d00004e5023974000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021050813-64792-0.870120001620471662-1fb3a0b384e408e9750d8e093170d1bc&zdid=533&env=mWeb
Date
Sat, 08 May 2021 11:01:02 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6959872775212955793&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6959872775212955793&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22ff8ec8a4e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c4f8d00004e503e8a5000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6959872775212955793&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Date
Sat, 08 May 2021 11:00:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 689C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=2f43fd45-9bdf-4d62-4265-c5bdb18185df
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2f43fd45-9bdf-4d62-4265-c5bdb18185df
95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2f43fd45-9bdf-4d62-4265-c5bdb18185df
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Sat, 08 May 2021 11:00:59 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=2f43fd45-9bdf-4d62-4265-c5bdb18185df
alt-svc
clear
content-length
0
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2f43fd45-9bdf-4d62-4265-c5bdb18185df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=2f43fd45-9bdf-4d62-4265-c5bdb18185df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=8tFIrrDdvzy3C.DOxhZuh.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-41...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=8tFIrrDdvzy3C.DOxhZuh.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22ff99e884e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c4ffc00004e5023baf000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:58 GMT
via
1.1 google
last-modified
Sat, 08 May 2021 11:00:58 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=8tFIrrDdvzy3C.DOxhZuh.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 689C 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.101 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:57 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=2f43fd45-9bdf-4d62-4265-c5bdb18185df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=2f43fd45-9bdf-4d62-4265-c5bdb18185df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=6a45e6f7ce5a6930e3bd10a88a9c29e2&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dc...
95 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=6a45e6f7ce5a6930e3bd10a88a9c29e2&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22ff1a9754e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c4b0d00004e508b202000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:57 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=6a45e6f7ce5a6930e3bd10a88a9c29e2&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
cache-control
no-cache
x-server
10.45.2.6
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-BPg5su1E2opuIRM2zzlxqMUQylslPlx9Pw--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-BPg5su1E2opuIRM2zzlxqMUQylslPlx9Pw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22ff2ac184e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c4ba600004e504d30a000000001

Redirect headers

date
Sat, 08 May 2021 11:00:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-BPg5su1E2opuIRM2zzlxqMUQylslPlx9Pw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3qhONQL5KXY28bUsTPW3wzPeydFqDgfC%2BS41iYitP1U%3D
95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3qhONQL5KXY28bUsTPW3wzPeydFqDgfC%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c230072b234e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c587800004e5046902000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:00 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=3qhONQL5KXY28bUsTPW3wzPeydFqDgfC%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 689C 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 689C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.31.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1620471657
x-served-by
beacon-n014-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 689C 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJZvZwAA1YDoMwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJZvZwAA1YDoMwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22ff61d4d4e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c4dcf00004e505a823000000001

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1620471658.819992,VS0,VE98
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YJZvZwAA1YDoMwA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=bd1d6096-6f67-4700-8805-4175781ba553&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c9...
95 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=bd1d6096-6f67-4700-8805-4175781ba553&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c22ff70f8d4e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c4e6000004e506ea73000000001

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=bd1d6096-6f67-4700-8805-4175781ba553&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 08 May 2021 11:02:13 GMT
usermatch.gif
beacon.krxd.net/ Frame 689C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OG57RotV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2f43fd45-9bdf-4d62-4265-c5bdb18185df
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2f43fd45-9bdf-4d62-4265-c5bdb18185df
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.31.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1620471658
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 08 May 2021 11:00:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=2f43fd45-9bdf-4d62-4265-c5bdb18185df
access-control-allow-credentials
true
cf-ray
64c22ff92d174e50-FRA
access-control-allow-headers
*
cf-request-id
09ed3c4fb900004e5090329000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 689C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-426...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-426...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:59 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:59 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 689C
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=2f43fd45-9bdf-4d62-4265-c5bdb18185df&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64c230015aa54e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c54d400004e5066ae5000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Sat, 08 May 2021 11:00:59 GMT
Connection
keep-alive
Content-Length
0
BK-Server
7d7f
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 689C 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3D5e9a7c93-dcc4-417a-4975-ae9c57ea91c4%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.71.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 689C 		557 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1220b71998478ef41125e2a15b48b908f0270dd02b8222246913d059d03593

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
64c22ff9cf0f4e50-FRA
date
Sat, 08 May 2021 11:00:58 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
09ed3c501f00004e5056b19000000001
04a15c81-ae22-5280-80ca-3c91e05c53f5
an.yandex.ru/mapuid/betweendigitalis/ Frame 293A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F04a15c81-ae22-5280-80ca-3c91e05c53f5&crf=1
  • https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5?redir-setuniq=1
43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5?redir-setuniq=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:55 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:55 GMT
/
ads.us.e-planning.net/uspd/1/ Frame C821 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
45bea08c5d77fa2ee8c4cb955a0f51e2d25cd4c985677fe2ef31ad5466bd5932

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1; E=AJyklLmAs8M9EvVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

server
openresty
date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Sat, 08 May 2021 11:00:55 GMT
x-sid
AMS-739
content-encoding
gzip
um
u-ams02.e-planning.net/ Frame C821
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4e3cd65fa13600ad
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4e3cd65fa13600ad
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame C821
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2095%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5393033283
  • https://sync.1rx.io/usersync3/centro/2095/no-consent?zcc=0&sspret=1&rndcb=5393033283
  • https://sync.targeting.unrulymedia.com/csync/RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&dc=1079cc634ca638f8&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&dc=1079cc634ca638f8&iss=1
date
Sat, 08 May 2021 11:00:56 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX33dcee800e7a4f45996520cd6c1f810a003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame C821 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 07 May 2026 11:00:55 GMT
tm60118.js
tag.navdmp.com/ Frame C821 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3545
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
09ed3c43eb00001756bb804000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
64c22fe64b2b1756-FRA
expires
Sat, 08 May 2021 11:01:50 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame C821 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 07 May 2026 11:00:55 GMT
um
u-ams02.e-planning.net/ Frame C821
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e3cd65fa13600ad%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:54 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e3cd65fa13600ad&uid=2d222c62-7c10-4a97-b2ad-31d8515b32ac
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
esrtgnjj8vhk20eort6ctmurp3eoqd3q
ptag
a.audrte.com/ Frame C821 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5cd6b036d6efe02a83d8a5671ace48f3c303c219c51c0156fa0f4c2901d11540

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame C821 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 07 May 2026 11:00:55 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame C821 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4e3cd65fa13600ad%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame C821
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4e3cd65fa13600ad
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame C821
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4e3cd65fa13600ad%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid
f7ae448c-347a-443e-a96e-8feb51a3fb80
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4e3cd65fa13600ad&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame C821 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4e3cd65fa13600ad%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame C821
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame C821
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4e3cd65fa13600ad%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:02 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4e3cd65fa13600ad&uid=58c80c8e8be87fc5c8bba67a994ab49d9205f32e
Date
Sat, 08 May 2021 11:01:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame 6820
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEE9 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; chkChromeAb67Sec=1; DPSync3=1621641600%3A201_227_226_221; SyncRTB3=1621641600%3A165_56_161_231_220_22_55_54_99_230_176_71_88_204_166_81_189_234_21_13_3_7_8%7C1623024000%3A203%7C1621036800%3A67_2_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; PugT=1620471653
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=100300
Expires
Sun, 09 May 2021 14:52:35 GMT
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7FCB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; chkChromeAb67Sec=1; DPSync3=1621641600%3A201_227_226_221; SyncRTB3=1621641600%3A165_56_161_231_220_22_55_54_99_230_176_71_88_204_166_81_189_234_21_13_3_7_8%7C1623024000%3A203%7C1621036800%3A67_2_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; PugT=1620471653
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e3cd65fa13600ad%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=52441
Expires
Sun, 09 May 2021 01:34:56 GMT
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 9E94
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bcebbd32052e716576f6eda84332d07e50f8c1b800159c9a6c79bca6005e7cbc

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1215; CMID=YJZvZzpmm15rPtf4R1AlJQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|218|206|88|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1804
Expires
Sat, 08 May 2021 11:00:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YJZvZzpmm15rPtf4R1AlJQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:55 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:55 GMT CMPRO=1164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:55 GMT CMST=YJZvZ2CWb2cA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 09 May 2021 11:00:55 GMT CMRUM3=5860966f6705a0&2d60966f6705a0&0860966f6705a00&da60966f6727600&2760966f670b40&e660966f6727600&ce60966f6705a00&f160966f6705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:55 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 08 May 2021 11:00:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YJZvZzpmm15rPtf4R1AlJQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:55 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:55 GMT
/
spl.zeotap.com/ Frame 7508 		530 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e970c2705457508604dca133ddd492170f359137e6ce3ba09ebd4eb8f9d99ca

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=2f43fd45-9bdf-4d62-4265-c5bdb18185df; zsc=%A9%16%0Ay%14%80%AA%99%EEX~%BC%BFCe%8B%97o%99%87%274%9F%28L%9E%12m%5B%84%07j%D5-D%97%24m%A7%F2%F8~J_%AEZ5%7FRFf%17%3F%D7+%C5%21%94j%BA%21W%D5%F3%CBrAL%12%83s%FB%5C%1B%08%C7%D3%11%7BV%993%CB%C0%EBmf%B8h2%046%A9.D%3D%B65%0Am%C8%AAR%F8%23%9A4%21%87%A4D%0Agi%1F%19%0E%FF%2Bu%01%3F%A4%9B%A3%D3%16%D9L%BF%1A%C7%5E%06%B6%0F%EC%5DN%B9%DA%9D%06%CCr%2B%7CB%C4Z%0B%C6r%E5%E7%C6a%F3%CF%E2%90V%B8%E7np%95a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
content-type
text/html
set-cookie
__cfduid=d1b1ea341fc723474f13e09a52d18ba721620471655; expires=Mon, 07-Jun-21 11:00:55 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=2f43fd45-9bdf-4d62-4265-c5bdb18185df; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=NK%0C%ACNK%E3%3B%F9%CF%A0X%90%95%12%B0%A3%D1%A2%18%B7%F8j%D3%9C%C5%28%EC%27%87%1F%9BYc%CAy%95%00%15%AC%E8%86%8E%5B%D7%B6%A9%24%0E%84j%5C%B4ze%9D%A0%14%D5P%8C%03%8C%8C%B1%15%05y%3E%26%E2%D1%CA%B9%3C%01%2A%19%C6%E9%B51%7F9B%25Qj%D9%D6dw.E%14%D8l4g%F9%96%C8%C7%29%11M%B8%9C%90%C1y%BB%8CY%1F3w%A8%98ew%0Fv%EA%15g%15%9Fl%E1Uo%22Q%C8%A8_5z%22%F5%C6C%939O%5D%5B%8C%9CuV%D0%C3%03%FC%A1u%F4%AC%CE%0C%C6%A5%98%BCx%1C; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
09ed3c441b00004e5076b89000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fe69d114e50-FRA
content-encoding
br
usync.js
eus.rubiconproject.com/ Frame 6820 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55020
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 7508 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D2f43fd45-9bdf-4d62-4265-c5bdb18185df%26reqId%3Dac3b2234-fc75-4e3a-6a01-9599402b06cb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.71.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 7508 		557 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=ac3b2234-fc75-4e3a-6a01-9599402b06cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a86ba789e49ab76ba44efe69846c7bed3b357b9473154701a5b21d469c2f893

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
64c22fe6edfe4e50-FRA
date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
09ed3c444d00004e50179e0000000001
khaos.jpg
token.rubiconproject.com/ Frame 6820 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
sync.html
s.adtelligent.com/ Frame 293A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=582266
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://cache.betweendigital.com
Access-Control-Allow-Credentials
true
cmp
spl.zeotap.com/ Frame 7508 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=ac3b2234-fc75-4e3a-6a01-9599402b06cb&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=ac3b2234-fc75-4e3a-6a01-9599402b06cb&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=ac3b2234-fc75-4e3a-6a01-9599402b06cb&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=2f43fd45-9bdf-4d62-4265-c5bdb18185df; zsc=NK%0C%ACNK%E3%3B%F9%CF%A0X%90%95%12%B0%A3%D1%A2%18%B7%F8j%D3%9C%C5%28%EC%27%87%1F%9BYc%CAy%95%00%15%AC%E8%86%8E%5B%D7%B6%A9%24%0E%84j%5C%B4ze%9D%A0%14%D5P%8C%03%8C%8C%B1%15%05y%3E%26%E2%D1%CA%B9%3C%01%2A%19%C6%E9%B51%7F9B%25Qj%D9%D6dw.E%14%D8l4g%F9%96%C8%C7%29%11M%B8%9C%90%C1y%BB%8CY%1F3w%A8%98ew%0Fv%EA%15g%15%9Fl%E1Uo%22Q%C8%A8_5z%22%F5%C6C%939O%5D%5B%8C%9CuV%D0%C3%03%FC%A1u%F4%AC%CE%0C%C6%A5%98%BCx%1C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
set-cookie
__cfduid=dd40faffa1d311321b8a9ed7e6cf5d7f41620471655; expires=Mon, 07-Jun-21 11:00:55 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
09ed3c447c00004e5028329000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22fe72eb94e50-FRA
sync
t.adx.opera.com/ Frame 293A 		0
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60039&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7697
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJZvZ80QyA1irCm.eMbIEwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7697
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 08 May 2021 11:00:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7697 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YJZvZ80QyA1irCm.eMbIEwAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 7697
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:57 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:57 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7697
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Connection
keep-alive
Content-Length
0
tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 7697
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152
49 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:57 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.42
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:57 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YJZvZ80QyA1irCm.eMbIEwAA%261152
cache-control
no-cache
x-server
10.45.5.10
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 7697
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2D179E90B864B31A674C35C341F75F2&gdpr=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2D179E90B864B31A674C35C341F75F2&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:55 GMT

Redirect headers

date
Sat, 08 May 2021 11:00:55 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2D179E90B864B31A674C35C341F75F2&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 07 May 2021 11:00:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 7697
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:56 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.18.0
content-length
76
um
u-ams02.e-planning.net/ Frame 7697 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4e3cd65fa13600ad&uid=YJZvZ80QyA1irCm.eMbIEwAA%261152
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 9E94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 08 May 2021 11:00:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEEKkaJKemMM3pDPUBe0fgMg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9E94 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJZvZzpmm15rPtf4R1AlJQAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9E94
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:57 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:57 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9E94
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJZvZzpmm15rPtf4R1AlJQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHTaqwYzgRLOyS9gngGk2ME&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 9E94
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YJZvZzpmm15rPtf4R1AlJQAA%261164
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJZvZzpmm15rPtf4R1AlJQAA%261164
42 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJZvZzpmm15rPtf4R1AlJQAA%261164
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-07cd7aa19.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
T8SFfvydQCg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-05cbd1646.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
QbFyn6sLQ7w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YJZvZzpmm15rPtf4R1AlJQAA%261164
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9E94
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZzpmm15rPtf4R1AlJQAABIwAAAIB
Connection
keep-alive
Content-Length
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 9E94 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:55 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1620471656.704973,VS0,VE97
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 9E94
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d1be5269-3a11-4d8a-8837-e730dce13408&expiration=1652007656
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d1be5269-3a11-4d8a-8837-e730dce13408&expiration=1652007656
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=d1be5269-3a11-4d8a-8837-e730dce13408&expiration=1652007656
date
Sat, 08 May 2021 11:00:56 GMT
server
Kestrel
content-length
0
um
u-ams02.e-planning.net/ Frame 9E94 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4e3cd65fa13600ad&uid=YJZvZzpmm15rPtf4R1AlJQAA%261164
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e3cd65fa13600ad%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:55 GMT
server
openresty
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 7EDF 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159760&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 09:59:54 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cc.js
tags.crwdcntrl.net/c/15238/ Frame 1327 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 07 May 2021 21:14:03 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
49615
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
83iYWPKAMUxyXPpVw4z9woaN5HXl8AhKWqV0NyRnrALFj8PdxiJwww==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B28C 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AJyklLmAs8M9EvVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Sat, 08 May 2021 11:00:56 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Thu, 07 May 2026 11:00:56 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 2B4E 		3 KB
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
057c01ea2c1f5359f07b81318324ee50e6b70872092f7ea49cb0da87876935f7

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
content-type
text/html
set-cookie
__cfduid=d950c4d96946a5046cb9a644243d4f1641620471656; expires=Mon, 07-Jun-21 11:00:56 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=8212c5f7-b766-4967-a403-4cb7eeb9707f; expires=Fri, 28 May 2021 11:00:56 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
09ed3c48410000d72138b08000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L5mdK4i93RaBWsqhUf7GgGPFVZyXB3HnXA%2B8TLx7yVKvF90bm%2FIrdbkqJJSvy%2BqzKm12PiwkxYdQpDDgDYRutOYxEQwyqfKgJ9M4uZzG3t%2Fli6wb0WRKHBHIvSaf268%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fed2d23d721-FRA
content-encoding
br
setuid
rtb.adxpremium.services/ Frame 929B
Redirect Chain
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
0
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sIm1hcnNtZWRpYSI6eyJ1aWQiOiI0MDc1Njc3NTkxODU3MDAwODYyIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTUuMzQ1NTYzOTc1KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNS0wOFQxMzowMDo1My42NTkwMjAxOTkrMDI6MDAifQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
content-length
0
set-cookie
__cfduid=d0d5d4b5fee7999230e2ee27a9347fff51620471656; expires=Mon, 07-Jun-21 11:00:56 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Fri, 06 Aug 2021 11:00:56 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBSnlrbExtQXM4TTlFdlZLIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTYuODM1OTU0MDY0KzAyOjAwIn0sIm1hcnNtZWRpYSI6eyJ1aWQiOiI0MDc1Njc3NTkxODU3MDAwODYyIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTUuMzQ1NTYzOTc1KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNS0wOFQxMzowMDo1My42NTkwMjAxOTkrMDI6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Fri, 06 Aug 2021 11:00:56 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
09ed3c497000004dd6fd18a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oUUnke6FU1A6uw40vezAQeKgLfmpj%2FJmBT%2FZy4Cz3Aa7XosifUVes9Y8RbrgShh2XmYxxt5E%2BP2W03XvpgHC%2FLQVh%2FdGGNkXRqr477SIGqjr0p43%2FL1vUQqdpi4bi5J0e2k3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fef18344dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
openresty
date
Sat, 08 May 2021 11:00:56 GMT
content-type
text/html; charset=iso-8859-1
location
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Sat, 08 May 2021 11:00:56 GMT
x-sid
AMS-739
GS.d
js.cookieless-data.com/ Frame B28C 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1620471656523
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame C821 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 07 May 2021 21:14:03 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
49615
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
5l3g-wdLM41YA-KwAUEduaz6-wcZkvZza26f6QeUhQrQwn6sXS6JEQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame E9B9 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AJyklLmAs8M9EvVK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Sat, 08 May 2021 11:00:56 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Thu, 07 May 2026 11:00:56 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame EE3B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5f6f0597c3f2ce1dade791c8a00a28739e15db553e1b845e6aa9dfef4d9198

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
content-type
text/html
set-cookie
__cfduid=d950c4d96946a5046cb9a644243d4f1641620471656; expires=Mon, 07-Jun-21 11:00:56 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=1ec0c226-012a-4e0b-8d28-794217a53c4d; expires=Fri, 28 May 2021 11:00:56 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
09ed3c488c0000d721e198a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Uml2UFp%2FTTXl6Q5vpLpkEPiqAGCS6Ttv2Z8K1E9OJ%2BiZkLxoFh6QZKB1JpGy4AFR90oKjHSzjcc6fY32BuGRQIdo14HdtOjRAYqI07oGu5N1QL8KpFT32gRYwHjDoA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fedae38d721-FRA
content-encoding
br
setuid
rtb.adxpremium.services/ Frame 4969
Redirect Chain
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
0
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sIm1hcnNtZWRpYSI6eyJ1aWQiOiI0MDc1Njc3NTkxODU3MDAwODYyIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTUuMzQ1NTYzOTc1KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNS0wOFQxMzowMDo1My42NTkwMjAxOTkrMDI6MDAifQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
content-length
0
set-cookie
__cfduid=d0d5d4b5fee7999230e2ee27a9347fff51620471656; expires=Mon, 07-Jun-21 11:00:56 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Fri, 06 Aug 2021 11:00:56 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBSnlrbExtQXM4TTlFdlZLIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTYuOTI0MTY2MjYrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjQwNzU2Nzc1OTE4NTcwMDA4NjIiLCJleHBpcmVzIjoiMjAyMS0wNS0yMlQxMzowMDo1NS4zNDU1NjM5NzUrMDI6MDAifX0sImJkYXkiOiIyMDIxLTA1LTA4VDEzOjAwOjUzLjY1OTAyMDE5OSswMjowMCJ9; Path=/; Domain=adxpremium.services; Expires=Fri, 06 Aug 2021 11:00:56 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
09ed3c49d500004dd6bda25000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1IQcKVo%2BufPJXRfOw4eGfZtYEeH3JBePhJtNHDo70Rte33WJEGPqqN%2Bnucl8gGlSVTGZpL5hO8uppZRzcSlWxFTVmkYQKL2lpUuvzc0p47ji9ytyAVgKupwK8iqL6A47fU%2FDyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22fefb9bb4dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
openresty
date
Sat, 08 May 2021 11:00:56 GMT
content-type
text/html; charset=iso-8859-1
location
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AJyklLmAs8M9EvVK
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Sat, 08 May 2021 11:00:56 GMT
x-sid
AMS-739
GS.d
js.cookieless-data.com/ Frame E9B9 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1620471656622
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
us
sync.go.sonobi.com/ Frame EE3B 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cq2GiLYgAgpJG0viZY7jiIkoCrDc3a3cLyqCbjH9kyzqbJKpaWoezYYcFXTTVMBE4xkUs9XLbs88FVt01Zd0Ivguuw5uNbPZcH7%2BAljE5QZMD9ZeFl7K67MJZtn2LIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22feee89ed721-FRA
content-length
43
cf-request-id
09ed3c49550000d7212f10c000000001

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid
74e55907-e38a-4722-a9df-25495f5679c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pn1YjqS9BnwECBeP5Rnay%2BQJsWHmtecwtrs%2BP5mP%2BrhSAfp81dnOB4vwAmL5q3OxDoZKZPCbhZCQomm2EAvjyHOeqj%2F0EFptMHw9cYsIZ35iGJXHUbXiPrdth52YHl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fef190bd721-FRA
content-length
43
cf-request-id
09ed3c49740000d72143221000000001

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.79:80
AN-X-Request-Uuid
bf3f8eef-214f-4877-88b0-e54001dc3f17
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cNz5r9V4VkPrFpZxCgsjgHYcYkB9UnONd4xfHT3zC1EysPtF52O5kbSBq3Vb0J2EyRBZ3fHhboHJrdwtpkXwA0ixy1mJ7sLsTHXB2gULG7gIxxyjy%2BKqhfRcuo5Z0q0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22ffa8817d721-FRA
content-length
43
cf-request-id
09ed3c50960000d72146251000000001

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y1kutL9QEn3hjqO9qGGmznS9uegBpErN1zrNisOec%2BjsIOIWmjFOu3467OP%2FSJBRH2s3YzuRkdxvpXI7scMts0ukfVAGM0hLLQzXicF7QFBCY%2BrzGzTWUU1gdZdQcvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fefaa3cd721-FRA
content-length
43
cf-request-id
09ed3c49c50000d7210526f000000001

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
715066e6-533c-4af8-818e-9724aefb3621
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EE3B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgBe34cyIHIRCZF08nZjT1yZhiMwBwtuEAj8eceUbJbi7pkqHNjGrPQOzY%2BSmNv7kSFNR5cSfkmm5DxOZ94rOm1hbGlBzlRzQGxDdYEotIJz0P0J7rEz%2FGIqKKWXjOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fef08c9d721-FRA
content-length
43
cf-request-id
09ed3c49620000d721ff08d000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
um
sync.e-planning.net/ Frame EE3B 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=1ec0c226-012a-4e0b-8d28-794217a53c4d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4F7E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
44473ed792d625972e61e3c5669e07df6b2c90c02f8c414aa8bbebbb472b84ba

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1215; CMST=YJZvZ2CWb2cA; CMID=YJZvZ80QyA1irCm.eMbIEwAA; CMPRO=1152; CMRUM3=6960966f6705a0&dd60966f6727600&2d60966f672760CAESEHTaqwYzgRLOyS9gngGk2ME&2760966f670b40&e660966f6727600&f160966f6705a0&ce60966f6705a00&5a60966f672760E2D179E90B864B31A674C35C341F75F2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|3|4|195|39|191|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1646
Expires
Sat, 08 May 2021 11:00:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Connection
keep-alive
Set-Cookie
CMID=YJZvZ80QyA1irCm.eMbIEwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:56 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:56 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:56 GMT CMST=YJZvZ2CWb2gA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 09 May 2021 11:00:56 GMT CMRUM3=0360966f6805a0&bf60966f6805a0&8260966f68a8c0&2d60966f672760CAESEHTaqwYzgRLOyS9gngGk2ME&6960966f6705a0&dd60966f6727600&4960966f6805a00&f160966f6705a0&0460966f6805a0&ce60966f6705a00&5a60966f672760E2D179E90B864B31A674C35C341F75F2&c360966f6805a00&e660966f6727600&2760966f680b40&2e60966f6805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:56 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 71A4 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 08 May 2021 11:00:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YJZva; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 7BEA 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 68CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

server
nginx/1.16.1
date
Sat, 08 May 2021 11:00:58 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
setuid
sync.quantumdex.io/ Frame 2B4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FOWiG8IKiDle%2FBE62T6SA2jBl6Wo30IlYSpJa5rekedyyGrqwhwoKAT0RwxOttLOQnyL2Eb2E2R7SUgObTz5%2BZ%2BWn4AGaJArWnultC1iLEZNgjFM8l1hbvbOS1rBxE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fef79ded721-FRA
content-length
43
cf-request-id
09ed3c49ae0000d7212e0d2000000001

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid
78ca4e74-41e5-416f-a925-ac2509b5bb99
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2B4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=InNtaFo2tEKFRoMzhoe7YeDsbPEqWzekOWsVte17sTuMJ3FYXtfxbuTZz0wnV32TUoOSkAX9%2FWukXf0EVFPIGLOW47LiSmVsgzPBcbrePUYa7vF0638HznIgsiHdO%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fefdaa3d721-FRA
content-length
43
cf-request-id
09ed3c49e60000d7212116f000000001

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid
d0155905-b94f-4281-afc2-84b18b03d5e3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2B4E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Im2AJLeExGvtofHfAcCvDcqEY0mhQct6mBTPm1dm3VjJh16GOunJK%2B3cMgRb%2Bbz5jYbcIme%2FLQBsAz0FCPv9J0p8iPQ%2FEUTmindT5lMQDQtnEliH8%2FDk6iaxkoHjIRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22ff98e18d721-FRA
content-length
43
cf-request-id
09ed3c4ff10000d721d933b000000001

Redirect headers

Date
Sat, 08 May 2021 11:00:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-l2uXvbZE2uEL1gxXaf813sWVA3BlbEerOoQ5z2M-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 2B4E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yi0aGxh3jS%2B%2FWOk7T%2B%2FLUSve3IkOT32%2BGc43lKiLWifso6A8MIhC6%2Bb7E6gBot8mqcmWBonmeto6IMb1Pr61Ya6gXBtdOXQ2SS%2ByD0GApqX6ydKMOpZ0SU1E4pthyGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fefaa4ed721-FRA
content-length
43
cf-request-id
09ed3c49d10000d721f7a61000000001

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid
b442bb44-c37a-4c0c-9185-b641aeb24b6c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=4075677591857000862
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2B4E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ID70HVQRquxufqK6NBvBnIrS5%2FNgMPo1AnX7rIFd3JQvNn4LZcLCUcRBA9BSvyxyQMEc6JgKSwEQZVuiR%2FOOUugJEyIOk6s7SGx%2BO3jrR96aYGFW4iaMpVb0SlDZcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fef3951d721-FRA
content-length
43
cf-request-id
09ed3c49810000d72138b26000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=8a4f16fa-2764-5280-9566-d04df5f0bf2a
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
us
sync.go.sonobi.com/ Frame 2B4E 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 2B4E 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=8212c5f7-b766-4967-a403-4cb7eeb9707f
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9F3E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56aa2095fa8ff3dccf78bfaa83170bebbf2944110f225b93488448f0cdba4add

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1215; CMST=YJZvZ2CWb2cA; CMID=YJZvZ80QyA1irCm.eMbIEwAA; CMPRO=1152; CMRUM3=6960966f6705a0&dd60966f6727600&2d60966f672760CAESEHTaqwYzgRLOyS9gngGk2ME&2760966f670b40&e660966f6727600&f160966f6705a0&ce60966f6705a00&5a60966f672760E2D179E90B864B31A674C35C341F75F2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|4|3|105|88|195|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1642
Expires
Sat, 08 May 2021 11:00:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Connection
keep-alive
Set-Cookie
CMID=YJZvZ80QyA1irCm.eMbIEwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:56 GMT CMPS=1215;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:56 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 06 Aug 2021 11:00:56 GMT CMST=YJZvZ2CWb2gA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 09 May 2021 11:00:56 GMT CMRUM3=2e60966f6805a0&2760966f670b40&e660966f6727600&c360966f6805a00&ce60966f6705a00&5a60966f672760E2D179E90B864B31A674C35C341F75F2&f160966f6705a0&0460966f6805a0&4960966f6805a00&5860966f6805a0&6960966f6805a0&9c60966f6805a00&dd60966f6727600&2d60966f672760CAESEHTaqwYzgRLOyS9gngGk2ME&0360966f6805a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 08 May 2022 11:00:56 GMT
/
onetag-sys.com/usync/ Frame E4CD 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame A70F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

server
nginx/1.16.1
date
Sat, 08 May 2021 11:00:58 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Cookie set uc.html
sync.go.sonobi.com/ Frame A80F 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Sat, 08 May 2021 11:00:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YJZva; path=/; domain=.go.sonobi.com
YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4F7E 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 4F7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 4F7E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:57 GMT

Redirect headers

Date
Sat, 08 May 2021 11:02:43 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:42 GMT
rum
dsum-sec.casalemedia.com/ Frame 4F7E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4F7E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0dffafec-fdda-4b05-a77c-75dc3a84db96
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0dffafec-fdda-4b05-a77c-75dc3a84db96&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0dffafec-fdda-4b05-a77c-75dc3a84db96&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:01:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0dffafec-fdda-4b05-a77c-75dc3a84db96&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Sat, 08 May 2021 11:01:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4F7E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJZvZ80QyA1irCm.eMbIEwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
index
dmp.brand-display.com/cm/api/ Frame 4F7E 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
via
1.1 google
last-modified
Sat, 08 May 2021 11:01:02 GMT
server
nginx/1.20.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 08 May 2021 11:01:03 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 4F7E 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-40-147.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 08 May 2021 11:00:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 4F7E 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sCwIlyI30WLvGv%2FyuomgzYTWYe4o4oPtC5r8aQoGA1m2GwXgBvMWvyxu2TuAaFdwCCM7Ku%2B2Q%2BsbkAfci%2BTq5zh6lbUIIqa3ArQIptA4e%2Bs1imCn1I6QGhwUJkP1g5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fef18f2d721-FRA
content-length
43
cf-request-id
09ed3c496b0000d721f5188000000001
YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9F3E 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 9F3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 9F3E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:57 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9165409399064587149
pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9F3E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:58 GMT

Redirect headers

Date
Sat, 08 May 2021 11:02:43 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd1d6096-6f67-4700-8805-4175781ba553&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:42 GMT
crum
dsum-sec.casalemedia.com/ Frame 9F3E
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:00:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:00:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 08 May 2021 11:00:56 GMT
server
nginx/1.18.0
content-length
76
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 9F3E 		85 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:56 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1620471657.862731,VS0,VE97
x-served-by
cache-hhn4052-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 9F3E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef86a02d-c6d9-43f2-8241-4a1352553e46
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef86a02d-c6d9-43f2-8241-4a1352553e46&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef86a02d-c6d9-43f2-8241-4a1352553e46&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 08 May 2021 11:01:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ef86a02d-c6d9-43f2-8241-4a1352553e46&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Sat, 08 May 2021 11:01:00 GMT
cookiesync
bttrack.com/pixel/ Frame 9F3E 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Sat, 08 May 2021 11:00:30 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
setuid
sync.quantumdex.io/ Frame 9F3E 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YJZvZ80QyA1irCm-eMbIEwAABIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CzC07VINfB31VcihsdFJa3E0vMLwApDAlDogF9yGD7o993VVV6Laty1Jec1Hddh0wOgmT6oXe4bG0sB9Ft%2Bcv2Ml2ATxeFpqdDmdqbLcFGpBSQ55ilLMce%2F9E%2FvhTfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64c22fef598bd721-FRA
content-length
43
cf-request-id
09ed3c49920000d721e7a00000000001
SPug
simage4.pubmatic.com/AdServer/ Frame 11D5 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:57 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame DA17 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; chkChromeAb67Sec=1; DPSync3=1621641600%3A201_227_226_221; SyncRTB3=1621641600%3A165_56_161_231_220_22_55_54_99_230_176_71_88_204_166_81_189_234_21_13_3_7_8%7C1623024000%3A203%7C1621036800%3A67_2_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; KRTBCOOKIE_218=22978-YJZvZwAA1YDoMwA4&KRTB&23194-YJZvZwAA1YDoMwA4&KRTB&23209-YJZvZwAA1YDoMwA4&KRTB&23244-YJZvZwAA1YDoMwA4; KRTBCOOKIE_1074=22956-e_acff90b5-7082-42d5-acba-e18e5aa8b6ae; KRTBCOOKIE_188=3189-no-consent; PugT=1620471656; SPugT=1620471657; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=52439
Expires
Sun, 09 May 2021 01:34:56 GMT
Date
Sat, 08 May 2021 11:00:57 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame DA17 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c7cb88ba73f19828b58453fb8e0821d4e231c31a893aacbf3c9a28d519abef75

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:57 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame D28F 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=1278699865142767615
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 08 May 2021 11:00:57 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1278699865142767615; expires=Wed, 07 Jul 2021 11:00:57 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame CAB9
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 08 May 2021 11:00:59 GMT
via
1.1 varnish
x-served-by
cache-fra19135-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1620471660.692623,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 08-May-2022 11:00:57 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f090e07c-c43d-4e61-b22c-424251676e83-tuct78ff4e9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 08 May 2021 11:00:57 GMT
via
1.1 varnish
x-served-by
cache-hhn11525-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1620471658.584677,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame A79B
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1620471659634; TapAd_DID=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:00:59 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sat, 08 May 2021 11:00:59 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1620471659634;Expires=Wed, 07 Jul 2021 11:00:59 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=24d7ff76-4a7c-45e9-ac85-b15dd0fdf575;Expires=Wed, 07 Jul 2021 11:00:59 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 77E0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5kggVWO21LFkHD5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5kggVWO21LFkHD5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:59 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:59 GMT; path=/ PugT=1620471659; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:59 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:59 GMT; path=/
X-lat
amspug005:0:400
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sat, 08 May 2021 11:00:59 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5kggVWO21LFkHD5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=5kggVWO21LFkHD5; Domain=.w55c.net; Expires=Wed, 08-Jun-2022 11:01:00 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Mon, 07-Jun-2021 11:01:00 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 8A3F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aFAAAa51QgJP4MWw8-MNt1JmEnI
42 B
778 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aFAAAa51QgJP4MWw8-MNt1JmEnI
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; KRTBCOOKIE_218=22978-YJZvZwAA1YDoMwA4&KRTB&23194-YJZvZwAA1YDoMwA4&KRTB&23209-YJZvZwAA1YDoMwA4&KRTB&23244-YJZvZwAA1YDoMwA4; KRTBCOOKIE_1074=22956-e_acff90b5-7082-42d5-acba-e18e5aa8b6ae; KRTBCOOKIE_188=3189-no-consent; PugT=1620471656; SPugT=1620471657; chkChromeAb67Sec=2; DPSync3=1621641600%3A219_197_232_201_227_226_221%7C1620518400%3A174; SyncRTB3=1621641600%3A165_54_81_189_161_22_99_222_56_234_21_13_176_88_204_55_166_8_7_104_231_230_3_57_233_71_78_5_220%7C1625616000%3A69%7C1623024000%3A203%7C1621036800%3A2_67_223_15%7C1621728000%3A35%7C1621296000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:56 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_860=16335-aFAAAa51QgJP4MWw8-MNt1JmEnI; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:56 GMT; path=/ PugT=1620471656; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:00:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:56 GMT; path=/
X-lat
amspug003:0:677
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sat, 08 May 2021 11:00:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=aFAAAa51QgJP4MWw8-MNt1JmEnI
Set-Cookie
sa-user-id=s%3A0-68500001-ae75-4202-4fe0-c5b0f3e30db7.D0V4xAJNm8cFEy%2FFmSffbAGgVKi1AYVUzg8jbnhkL%2F0; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-68500001-ae75-4202-4fe0-c5b0f3e30db7%24ip%2482.102.18.114.Q6uxO7EHWnfam6XKmQVnuqUicCIw%2FEyYweKUdAo0FoA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 068E 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:00 GMT
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 31F8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2D179E90B864B31A674C35C341F75F2
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2D179E90B864B31A674C35C341F75F2
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=99606938&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; KRTBCOOKIE_218=22978-YJZvZwAA1YDoMwA4&KRTB&23194-YJZvZwAA1YDoMwA4&KRTB&23209-YJZvZwAA1YDoMwA4&KRTB&23244-YJZvZwAA1YDoMwA4; KRTBCOOKIE_1074=22956-e_acff90b5-7082-42d5-acba-e18e5aa8b6ae; KRTBCOOKIE_188=3189-no-consent; PugT=1620471656; SPugT=1620471657; chkChromeAb67Sec=2; DPSync3=1621641600%3A219_197_232_201_227_226_221%7C1620518400%3A174; SyncRTB3=1621641600%3A165_54_81_189_161_22_99_222_56_234_21_13_176_88_204_55_166_8_7_104_231_230_3_57_233_71_78_5_220%7C1625616000%3A69%7C1623024000%3A203%7C1621036800%3A2_67_223_15%7C1621728000%3A35%7C1621296000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:00:56 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:00:56 GMT; path=/
X-lat
amspug006:0:354
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sat, 08 May 2021 11:00:57 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2D179E90B864B31A674C35C341F75F2
expires
Fri, 07 May 2021 11:00:57 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
setuid
rtb.adxpremium.services/ Frame 978A 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBSnlrbExtQXM4TTlFdlZLIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTYuOTI0MTY2MjYrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjQwNzU2Nzc1OTE4NTcwMDA4NjIiLCJleHBpcmVzIjoiMjAyMS0wNS0yMlQxMzowMDo1NS4zNDU1NjM5NzUrMDI6MDAifX0sImJkYXkiOiIyMDIxLTA1LTA4VDEzOjAwOjUzLjY1OTAyMDE5OSswMjowMCJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:00:57 GMT
content-length
0
set-cookie
__cfduid=df171ea3ea37a3dc3a8eaf1ce365b3df51620471657; expires=Mon, 07-Jun-21 11:00:57 GMT; path=/; domain=.adxpremium.services; HttpOnly; SameSite=Lax SSCookie=1; Path=/; Expires=Fri, 06 Aug 2021 11:00:57 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJjMDRiNDViYTk0N2VjNmVmIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTQuMDE5NTk1ODU3KzAyOjAwIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBSnlrbExtQXM4TTlFdlZLIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTYuOTI0MTY2MjYrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjQwNzU2Nzc1OTE4NTcwMDA4NjIiLCJleHBpcmVzIjoiMjAyMS0wNS0yMlQxMzowMDo1NS4zNDU1NjM5NzUrMDI6MDAifSwicHVibWF0aWMiOnsidWlkIjoiNEYwNjg5NTUtNTMwNC00REY1LUIzOEUtNkM5Qzc3RjdFREFCIiwiZXhwaXJlcyI6IjIwMjEtMDUtMjJUMTM6MDA6NTcuNzIyOTc1MTc5KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNS0wOFQxMzowMDo1My42NTkwMjAxOTkrMDI6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Fri, 06 Aug 2021 11:00:57 GMT; Secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
09ed3c4cf300004dd6c0210000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LT%2BZiIwGT8P%2BaYDacHFQosvfMTUAQkkM%2BsZXOx0AnEPhV%2FxPu2pDy2sIRk68L%2FNsf7tUHznS8xHMnobuMRahtbpf1HQhuWhOONhLcf1W7DUAePWS3xbVuTkAQ7Eba5QKs%2FhMGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c22ff4b8704dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
pixel.onaudience.com/ Frame DA17
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4F068955-5304-4DF5-B38E-6C9C77F7EDAB
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6faeef553e2f4b51e588ae56d7c69604
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6faeef553e2f4b51e588ae56d7c69604
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3174889.ip-51-210-112.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 08 May 2021 11:00:58 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=6faeef553e2f4b51e588ae56d7c69604
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame DA17
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd1d6096-6f67-4700-8805-4175781ba553
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd1d6096-6f67-4700-8805-4175781ba553
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:59 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 08 May 2021 11:02:43 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd1d6096-6f67-4700-8805-4175781ba553
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:42 GMT
/
loadm.exelator.com/load/ Frame DA17
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:00:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 08 May 2021 11:00:59 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=4F068955-5304-4DF5-B38E-6C9C77F7EDAB&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DA17
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ac34dbde-afec-11eb-97e8-53ce79fe8ad3&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ac34dbde-afec-11eb-97e8-53ce79fe8ad3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:00:59 GMT
X-lat
amspug017:0:424
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ac34dbde-afec-11eb-97e8-53ce79fe8ad3&gdpr=0&gdpr_consent=
Date
Sat, 08 May 2021 11:00:59 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
ac34dbdf-afec-11eb-97e8-53ce79fe8ad3
/
onetag-sys.com/usync/ Frame 0793 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=04a15c81-ae22-5280-80ca-3c91e05c53f5&CACHEBUSTER=848224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5d1628750185ace
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cache.betweendigital.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
04a15c81-ae22-5280-80ca-3c91e05c53f5
an.yandex.ru/mapuid/betweendigitalis/ Frame 6772
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F04a15c81-ae22-5280-80ca-3c91e05c53f5
  • https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:58 GMT
content-encoding
gzip
last-modified
Sat, 08 May 2021 11:00:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 08 May 2021 11:00:58 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/04a15c81-ae22-5280-80ca-3c91e05c53f5
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7FCB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4F068955-5304-4DF5-B38E-6C9C77F7EDAB; KRTBCOOKIE_57=22776-4075677591857000862; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&16736-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23019-uid:bd1d6096-6f67-4700-8805-4175781ba553&KRTB&23114-uid:bd1d6096-6f67-4700-8805-4175781ba553; KRTBCOOKIE_409=22966-XCROD12azIZiNqWNh0naWxY0; KRTBCOOKIE_153=1923-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&19420-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX&KRTB&22979-2Qkg-tlfL_vCDSr51lg0-osPIa3CCnqui18AWgsX; KRTBCOOKIE_377=6810-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&22918-b82e3e12-87e9-4d90-82b8-6d7ea657a111&KRTB&23031-b82e3e12-87e9-4d90-82b8-6d7ea657a111; KRTBCOOKIE_80=16514-CAESEBanhMsWO--41ILBR5i06gY&KRTB&22987-CAESEBanhMsWO--41ILBR5i06gY&KRTB&23025-CAESEBanhMsWO--41ILBR5i06gY; KRTBCOOKIE_391=22924-1278699865142767615&KRTB&23263-1278699865142767615; KRTBCOOKIE_594=17105-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003&KRTB&17107-RX-33dcee80-0e7a-4f45-9965-20cd6c1f810a-003; KRTBCOOKIE_22=14911-9165409399064587149; KRTBCOOKIE_218=22978-YJZvZwAA1YDoMwA4&KRTB&23194-YJZvZwAA1YDoMwA4&KRTB&23209-YJZvZwAA1YDoMwA4&KRTB&23244-YJZvZwAA1YDoMwA4; KRTBCOOKIE_1074=22956-e_acff90b5-7082-42d5-acba-e18e5aa8b6ae; KRTBCOOKIE_188=3189-no-consent; SPugT=1620471657; repi=1; chkChromeAb67Sec=2; DPSync3=1621641600%3A219_197_232_201_227_226_221%7C1620518400%3A174; SyncRTB3=1621641600%3A165_54_81_189_161_22_99_222_56_234_21_13_176_88_204_55_166_8_7_104_231_230_3_57_233_71_78_5_220%7C1625616000%3A69%7C1623024000%3A203%7C1621036800%3A2_67_223_15%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_860=16335-aFAAAa51QgJP4MWw8-MNt1JmEnI; KRTBCOOKIE_466=16530-88d67dc6-6b82-4308-b475-8146225334a2; KRTBCOOKIE_1101=23040-6959872775212169361; PugT=1620471656
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=52437
Expires
Sun, 09 May 2021 01:34:56 GMT
Date
Sat, 08 May 2021 11:00:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
cmp
spl.zeotap.com/ Frame 689C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=2f43fd45-9bdf-4d62-4265-c5bdb18185df&reqId=5e9a7c93-dcc4-417a-4975-ae9c57ea91c4&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=2f43fd45-9bdf-4d62-4265-c5bdb18185df; zsc=NK%0C%ACNK%E3%3B%F9%CF%A0X%90%95%12%B0%A3%D1%A2%18%B7%F8j%D3%9C%C5%28%EC%27%87%1F%9BYc%CAy%95%00%15%AC%E8%86%8E%5B%D7%B6%A9%24%0E%84j%5C%B4ze%9D%A0%14%D5P%8C%03%8C%8C%B1%15%05y%3E%26%E2%D1%CA%B9%3C%01%2A%19%C6%E9%B51%7F9B%25Qj%D9%D6dw.E%14%D8l4g%F9%96%C8%C7%29%11M%B8%9C%90%C1y%BB%8CY%1F3w%A8%98ew%0Fv%EA%15g%15%9Fl%E1Uo%22Q%C8%A8_5z%22%F5%C6C%939O%5D%5B%8C%9CuV%D0%C3%03%FC%A1u%F4%AC%CE%0C%C6%A5%98%BCx%1C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Sat, 08 May 2021 11:00:58 GMT
set-cookie
__cfduid=d30260221e532f94c186e9fc39bb62d861620471658; expires=Mon, 07-Jun-21 11:00:58 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
09ed3c504400004e508b27b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c22ffa0f994e50-FRA
sync.html
s.adtelligent.com/ Frame 6772 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=582266
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://cache.betweendigital.com
Access-Control-Allow-Credentials
true
sync
t.adx.opera.com/ Frame 6772 		0
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60039&uid=04a15c81-ae22-5280-80ca-3c91e05c53f5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:00:58 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
adx.adform.net/serving/jslog/ 		35 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.adform.net/serving/jslog/?src=fluoroscope&msg=Placement%20not%20found%20800x100
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rus.delfi.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 08 May 2021 11:00:58 GMT
cache-control
private
server
nginx
content-type
image/gif
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 7FCB 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
78fcc5825faff48fe9269ffaf37ce4cdeb2af6a1ba3ee4df047ce81f49f8da09

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFOYSMymf4yLJt597iYdJsE&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFOYSMymf4yLJt597iYdJsE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
lhrpug017:0:699
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFOYSMymf4yLJt597iYdJsE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7FCB 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 07 May 2021 11:01:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64082a3e-862e-47dd-9e72-794a06de6253
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64082a3e-862e-47dd-9e72-794a06de6253
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
amspug002:0:417
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=64082a3e-862e-47dd-9e72-794a06de6253
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2913961354282342544
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2913961354282342544
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:00 GMT
X-lat
amspug001:0:454
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2913961354282342544
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
amspug007:0:411
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 08 May 2021 11:02:48 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:47 GMT
usersync.aspx
dis.criteo.com/dis/ Frame F44B 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 08 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1564
x-powered-by
ASP.NET
date
Sat, 08 May 2021 11:01:01 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame CBB5 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.180 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937023020763147763&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937023020763147763&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
lhrpug012:0:576
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:01 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.138:80
AN-X-Request-Uuid
3cb1db78-01bc-4d74-8ca8-eef22b44e147
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937023020763147763&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
lhrpug005:0:912
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame EDC5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872788105197720
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872788105197720
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658; KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; PUBMDCID=3; KRTBCOOKIE_279=22890-ac34dbde-afec-11eb-97e8-53ce79fe8ad3&KRTB&23011-ac34dbde-afec-11eb-97e8-53ce79fe8ad3; KADUSERCOOKIE=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46; chkChromeAb67Sec=1; DPSync3=1621641600%3A221_201_227_226; SyncRTB3=1621641600%3A54_7_56_22_234_13_3_88_231_21_161_165_176_230_220_71_81_8_166_55_189_99_204%7C1621036800%3A15_223_2_67%7C1623024000%3A203%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_27=16735-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&16736-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23019-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23114-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1; KRTBCOOKIE_409=22966-90Gzu4AKJ63b6uw5iaMCWxY1; KRTBCOOKIE_1074=22956-e_52383a0e-87a9-4f21-8d98-61373b7b4202; PugT=1620471660
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:01 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6959872788105197720; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:01:01 GMT; path=/ PugT=1620471661; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:01:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:01:01 GMT; path=/
X-lat
amspug002:0:588
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 08 May 2021 11:01:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6959872788105197720; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959872788105197720
adx
match.prod.bidr.io/cookie-sync/ Frame EF94
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUlFFN0JMTjhBQUNzUFpyazRnQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-40-147.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AAERQE7BLN8AACsPZrk4gA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sat, 08 May 2021 11:01:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sat, 08 May 2021 11:01:02 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8ce03d24-5884-4171-ae50-6e2d2b3a7b1f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8ce03d24-5884-4171-ae50-6e2d2b3a7b1f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
amspug004:0:369
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8ce03d24-5884-4171-ae50-6e2d2b3a7b1f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 08 May 2021 11:01:01 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
lhrpug017:0:774
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 5CCF 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame F9F3
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5289461148
  • https://sync.1rx.io/usersync/tradedesk/64082a3e-862e-47dd-9e72-794a06de6253
  • https://sync.targeting.unrulymedia.com/csync/RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658; KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; PUBMDCID=3; KRTBCOOKIE_279=22890-ac34dbde-afec-11eb-97e8-53ce79fe8ad3&KRTB&23011-ac34dbde-afec-11eb-97e8-53ce79fe8ad3; KADUSERCOOKIE=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46; chkChromeAb67Sec=1; DPSync3=1621641600%3A221_201_227_226; SyncRTB3=1621641600%3A54_7_56_22_234_13_3_88_231_21_161_165_176_230_220_71_81_8_166_55_189_99_204%7C1621036800%3A15_223_2_67%7C1623024000%3A203%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_27=16735-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&16736-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23019-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23114-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1; KRTBCOOKIE_409=22966-90Gzu4AKJ63b6uw5iaMCWxY1; KRTBCOOKIE_1074=22956-e_52383a0e-87a9-4f21-8d98-61373b7b4202; KRTBCOOKIE_377=6810-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&22918-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&23031-64082a3e-862e-47dd-9e72-794a06de6253; KRTBCOOKIE_153=1923-udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41&KRTB&19420-udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41&KRTB&22979-udVvR7mDYBWih2JB7dx7ROmEZBeig2JC6YQbUP41; KRTBCOOKIE_391=22924-2913961354282342544&KRTB&23263-2913961354282342544; KRTBCOOKIE_1101=23040-6959872788105197720; KRTBCOOKIE_80=16514-CAESEFOYSMymf4yLJt597iYdJsE&KRTB&22987-CAESEFOYSMymf4yLJt597iYdJsE&KRTB&23025-CAESEFOYSMymf4yLJt597iYdJsE; KRTBCOOKIE_57=22776-4937023020763147763; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_22=14911-8675937608704289677; KRTBCOOKIE_218=22978-YJZvbQAAvKbEKABg&KRTB&23194-YJZvbQAAvKbEKABg&KRTB&23209-YJZvbQAAvKbEKABg&KRTB&23244-YJZvbQAAvKbEKABg; PugT=1620471660
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:00 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003&KRTB&17107-RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:01:00 GMT; path=/ PugT=1620471660; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:01:00 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:01:00 GMT; path=/
X-lat
amspug013:0:557
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 08 May 2021 11:01:02 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003%22%7D; path=/; expires=Sun, 08 May 2022 11:01:02 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b0468464-ac93-4e16-a0a3-d79eccf8d948-003
etag
RXb0468464ac934e16a0a3d79eccf8d948003
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame C7D9
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90Gzu4AKJ63b6uw5iaMCWxY1
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90Gzu4AKJ63b6uw5iaMCWxY1
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658; KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; PugT=1620471659; PUBMDCID=3; KRTBCOOKIE_279=22890-ac34dbde-afec-11eb-97e8-53ce79fe8ad3&KRTB&23011-ac34dbde-afec-11eb-97e8-53ce79fe8ad3; KADUSERCOOKIE=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46; chkChromeAb67Sec=1; DPSync3=1621641600%3A221_201_227_226; SyncRTB3=1621641600%3A54_7_56_22_234_13_3_88_231_21_161_165_176_230_220_71_81_8_166_55_189_99_204%7C1621036800%3A15_223_2_67%7C1623024000%3A203%7C1621728000%3A35%7C1621296000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:01 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-90Gzu4AKJ63b6uw5iaMCWxY1; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:01:01 GMT; path=/ PugT=1620471661; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 07-Jun-2021 11:01:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:01:01 GMT; path=/
X-lat
lhrpug017:0:769
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 08 May 2021 11:01:01 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=90Gzu4AKJ63b6uw5iaMCWxY1; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=90Gzu4AKJ63b6uw5iaMCWxY1
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
amspug009:0:341
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 08 May 2021 11:01:01 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid
ac734af6-8a5e-4467-b5c2-ab3255c5bc1d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4937023020763147763
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dpe
ad4m.at/ad/ Frame A020 		42 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c06d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:01:01 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d769fcc83ba0284f37156ea05d2f621e81620471661; expires=Mon, 07-Jun-21 11:01:01 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09ed3c5cac000031402016b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c2300defba3140-FRA
Pug
simage2.pubmatic.com/AdServer/ Frame 8CEF
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658; KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; PUBMDCID=3; KRTBCOOKIE_279=22890-ac34dbde-afec-11eb-97e8-53ce79fe8ad3&KRTB&23011-ac34dbde-afec-11eb-97e8-53ce79fe8ad3; KADUSERCOOKIE=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46; chkChromeAb67Sec=1; DPSync3=1621641600%3A221_201_227_226; SyncRTB3=1621641600%3A54_7_56_22_234_13_3_88_231_21_161_165_176_230_220_71_81_8_166_55_189_99_204%7C1621036800%3A15_223_2_67%7C1623024000%3A203%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_27=16735-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&16736-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23019-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23114-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1; KRTBCOOKIE_409=22966-90Gzu4AKJ63b6uw5iaMCWxY1; KRTBCOOKIE_1074=22956-e_52383a0e-87a9-4f21-8d98-61373b7b4202; KRTBCOOKIE_377=6810-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&22918-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&23031-64082a3e-862e-47dd-9e72-794a06de6253; PugT=1620471661
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-lat
amspug011:2:264
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Encoding
gzip

Redirect headers

set-cookie
viewer_token=dff9209e-3406-4a17-a8be-c07d38a839a8; path=/; domain=csync.loopme.me; Expires=Tue, 08-Jun-2021 11:01:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Sat, 08 May 2021 11:01:01 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_52383a0e-87a9-4f21-8d98-61373b7b4202
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_52383a0e-87a9-4f21-8d98-61373b7b4202
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:00 GMT
X-lat
amspug003:0:276
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_52383a0e-87a9-4f21-8d98-61373b7b4202
date
Sat, 08 May 2021 11:01:01 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
i.match
s.tribalfusion.com/z/ Frame 21F8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aKnoeUxNeTxBeZdwWNuLePgWcvGYq6Ft9oStw6oBP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 May 2021 11:01:02 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d577e129bc4282bb502d3b3be8f27faf31620471662; expires=Mon, 07-Jun-21 11:01:02 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a6nsIHMZaAC6pqGpS71cNgrpqZbgxA8oqONZb2HXZcgdGPZcrUo3MyYQ4qGgQhjZa1SINmYtZcPFcUtyI7iny8FftZase9Eb; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:01:02 GMT; SameSite=None; Secure; ANON_ID_old=a6nsIHMZaAC6pqGpS71cNgrpqZbgxA8oqONZb2HXZcgdGPZcrUo3MyYQ4qGgQhjZa1SINmYtZcPFcUtyI7iny8FftZase9Eb; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:01:02 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09ed3c5e890000c2dbde9ee000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c23010df2cc2db-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 08 May 2021 11:01:01 GMT
content-type
text/html
set-cookie
__cfduid=d69f03b3ea01d0aadf1934b4739b1f99b1620471661; expires=Mon, 07-Jun-21 11:01:01 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aKnoeUxNeTxBeZdwWNuLePgWcvGYq6Ft9oStw6oBP; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:01:01 GMT; SameSite=None; Secure; ANON_ID_old=aKnoeUxNeTxBeZdwWNuLePgWcvGYq6Ft9oStw6oBP; path=/; domain=.tribalfusion.com; expires=Fri, 06-Aug-2021 11:01:01 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
2937
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
09ed3c5cad0000c2db1ebba000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64c2300de916c2db-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2A37
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=pqzgmJI1XDSh&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=pqzgmJI1XDSh&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SPugT=1620471658; KRTBCOOKIE_107=1471-uid:5kggVWO21LFkHD5; PUBMDCID=3; KRTBCOOKIE_279=22890-ac34dbde-afec-11eb-97e8-53ce79fe8ad3&KRTB&23011-ac34dbde-afec-11eb-97e8-53ce79fe8ad3; KADUSERCOOKIE=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46; chkChromeAb67Sec=1; DPSync3=1621641600%3A221_201_227_226; SyncRTB3=1621641600%3A54_7_56_22_234_13_3_88_231_21_161_165_176_230_220_71_81_8_166_55_189_99_204%7C1621036800%3A15_223_2_67%7C1623024000%3A203%7C1621728000%3A35%7C1621296000%3A63; KRTBCOOKIE_27=16735-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&16736-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23019-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1&KRTB&23114-uid:41d06096-6f6d-4b00-ba1d-a7251ea4b9f1; KRTBCOOKIE_409=22966-90Gzu4AKJ63b6uw5iaMCWxY1; KRTBCOOKIE_1074=22956-e_52383a0e-87a9-4f21-8d98-61373b7b4202; KRTBCOOKIE_377=6810-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&22918-64082a3e-862e-47dd-9e72-794a06de6253&KRTB&23031-64082a3e-862e-47dd-9e72-794a06de6253; PugT=1620471661
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 08 May 2021 11:01:00 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 06-Aug-2021 11:01:00 GMT; path=/
X-lat
amspug003:0:395
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=pqzgmJI1XDSh&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=2b0f8d2fb013dffc; path=/; HttpOnly; Secure; SameSite=None
141
match.deepintent.com/usersync/ Frame EF71 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=39770194&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 08 May 2021 11:01:01 GMT
server
a
um
u-ams02.e-planning.net/ Frame 3FDF 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4e3cd65fa13600ad&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
u-ams02.e-planning.net
:scheme
https
:path
/um?dc=a208d9366469aa64&fi=4e3cd65fa13600ad&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Sat, 08 May 2021 11:01:01 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s0o3pcDHTO6o_aKCTFjsRg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=100293
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 09 May 2021 14:52:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7FCB 		95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
64c2300e4ff74e50-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09ed3c5cea00004e5069359000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 7FCB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:00 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:00 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&addseg=12,35,41
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjM0QTM3QTUtQzBDNy00Q0VFLUE4RkQtQTI4MjRDNThFQzQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
lhrpug010:0:375
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7FCB 		43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 11:01:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jqJtpeFE2uUo6so899a0zX7RSlwQBSU-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jqJtpeFE2uUo6so899a0zX7RSlwQBSU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sat, 08 May 2021 11:01:02 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Sat, 08 May 2021 11:01:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jqJtpeFE2uUo6so899a0zX7RSlwQBSU-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
bidswitch
event.clientgear.com/cookie/ Frame 7FCB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=67a1941c-1054-47d1-921a-db0dc58be5d0
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8675937608704289677&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8675937608704289677&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:01 GMT
X-lat
amspug009:0:439
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8675937608704289677&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7FCB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvbQAAvKbEKABg&gdpr=0&gdpr_consent=&_test=YJZvbQAAvKbEKABg
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvbQAAvKbEKABg&gdpr=0&gdpr_consent=&_test=YJZvbQAAvKbEKABg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:00 GMT
X-lat
amspug003:0:417
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620471662.012071,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJZvbQAAvKbEKABg&gdpr=0&gdpr_consent=&_test=YJZvbQAAvKbEKABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7FCB 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
ptrack
a.audrte.com/ Frame 1327 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=82.102.18.114&p=M1353665098&artime=2021-05-08T11:01:02.763Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGYWRzLnVzLmUtcGxhbm5pbmcubmV0JTJGZ2V0dWlkJTJGMSUyRjVhMWFkNzFkMmQ1M2EwZjUlM0ZodHRwcyUzQSUyRiUyRnJ0Yi5hZHhwcmVtaXVtLnNlcnZpY2VzJTJGc2V0dWlkJTNGYmlkZGVyJTNEZXBsYW5uaW5nJTI2Z2RwciUzRDElMjZnZHByX2NvbnNlbnQlM0QlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dXNlci1zeW5jLmFkeHByZW1pdW0uc2VydmljZXMv
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
18ec9dc2de801792d6a6da883fc3793c9755c8b527265565e48e48aa1fa63229

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:02 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/ Frame DCCE
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
453794044cbe337944329b6c97b4b90d45a266c1bd23bf28f17cc1d4ed27fe2a

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 May 2021 11:01:02 GMT
content-type
text/html;charset=UTF-8
content-length
1344
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.20.225
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 02-Feb-2022 11:02:00 GMT;SameSite=None;Secure _cc_id=6a45e6f7ce5a6930e3bd10a88a9c29e2;Path=/;Domain=crwdcntrl.net;Expires=Wed, 02-Feb-2022 11:02:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQMEs0MU01SzNPTjVNNLM0Nkg1TkoxNEi0sEi0TDayTDViAIKEafl5v%2F%2F%2F%2F88P4kAAAMC1DvI%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 02-Feb-2022 11:02:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBImJafB6SgAAAW3gHU";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Wed, 02-Feb-2022 11:02:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Sat, 08 May 2021 11:01:02 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.24.55
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
usync.html
eus.rubiconproject.com/ Frame 95CA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 May 2021 11:01:02 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 95CA 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55013
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Sun, 09 May 2021 02:17:55 GMT
p
a.audrte.com/ Frame 1327
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent=&google_gid=CAESELTSpugPrKckG1CR7GRbf9E&google_cver=1
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:03 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 08 May 2021 11:01:03 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 1327
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=2913961354282342544
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESELTSpugPrKckG1CR7GRbf9E&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=8miT3WzeqZiRDSAxA8y95V8NQ&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:03 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 08 May 2021 11:01:03 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 1327 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 11:01:04 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
tpid=no-consent
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame DCCE
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.111
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=15034018809588788571144267388814401893
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame DCCE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6a45e6f7ce5a6930e3bd10a88a9c29e2&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=15034018809588788571144267388814401893
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=15034018809588788571144267388814401893
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:04 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.121
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v005-0018b13d1.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
h2bDqErqRA8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=15034018809588788571144267388814401893
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tpid=YJZvbQAAvKbEKABg
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame DCCE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJZvbQAAvKbEKABg
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJZvbQAAvKbEKABg
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.70
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1620471663.893206,VS0,VE0
x-served-by
cache-hhn4052-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YJZvbQAAvKbEKABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame DCCE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6a45e6f7ce5a6930e3bd10a88a9c29e2&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36
49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.10
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Sat, 08 May 2021 11:01:02 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=c043d2a6-3d81-4203-bea3-5cbaaeeb7d36
alt-svc
clear
content-length
0
qmap
sync.crwdcntrl.net/ Frame DCCE
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=41d06096-6f6d-4b00-ba1d-a7251ea4b9f1
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=41d06096-6f6d-4b00-ba1d-a7251ea4b9f1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.51
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Sat, 08 May 2021 11:02:49 GMT
Server
MT3 3709 11aaa92 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=41d06096-6f6d-4b00-ba1d-a7251ea4b9f1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 08 May 2021 11:02:48 GMT
pixel
cm.g.doubleclick.net/ Frame DCCE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NmE0NWU2ZjdjZTVhNjkzMGUzYmQxMGE4OGE5YzI5ZTI
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=428496484/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 95CA 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
setuid
rtb.adxpremium.services/ Frame 8B46
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=2913961354282342544
0
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=2913961354282342544
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 May 2021 11:01:03 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WS0MQ3ZNTT%2FCH3abGaBuQn1e655zIGpR4yTFx0myHFZp8tdyBMOaBY5uvpQXVZDM7GTI5E6hVYsyhEI95qd%2FhR63bDyV8euEdfiyFBzXE20DqFywna2V%2B5v%2BvRtrxxoz4HB6HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
64c23015b9934dd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
09ed3c619000004dd6ea8af000000001
expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=2913961354282342544
date
Sat, 08 May 2021 11:01:02 GMT
server
nginx
content-length
0
content-type
text/plain
SPug
simage4.pubmatic.com/AdServer/ Frame 7FCB 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 08 May 2021 10:18:47 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B34A37A5-C0C7-4CEE-A8FD-A2824C58EC46&addseg=12,35,41
Domain
event.clientgear.com
URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=67a1941c-1054-47d1-921a-db0dc58be5d0

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Adform object| _adform object| adformtag object| _fscope object| delfi_afp function| uuid function| afp_desktop_interscroller function| afp_interscroller function| afp_pagebreak object| cookie function| Get_Cookie function| Set_Cookie function| Delete_Cookie undefined| en_container_id string| configId object| iframeConfObj function| setEnContainerId function| setConfigId object| cX string| CUSTOMER_ID object| adtlgcen_SETTINGS object| enr_vars function| BaseSize function| InViewNode function| InViewData function| ClientRectImpl function| onClickHandler function| en_adf_trackAD object| adtlgcen_Cookie object| en_ads object| loc_ object| en_slots object| adtlgcen function| en_regAD function| alen_onactiveelementchange object| admp_ object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| __SENTRY__ string| GoogleAnalyticsObject function| ga object| PortalRoot object| google_tag_data object| gaplugins object| MobileAPI number| cp_user_package_counter object| gaGlobal object| gaData string| pp_gemius_identifier function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| fbq function| _fbq object| $nuxt object| LoginAPI object| DelfiAFPcounter object| jQuery18307192057084498296 function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage function| _dct function| EDTracker object| _edtracker object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt boolean| _inter_adf_85794__rendered__ object| _inter_adf_85794 undefined| _adform_cb_1620471648609_8541003083785113 boolean| _inter_adf_840783__rendered__ object| _inter_adf_840783 boolean| _inter_adf_759342__rendered__ object| _inter_adf_759342 boolean| _inter_adf_534060__rendered__ object| _inter_adf_534060 boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall function| __adform_adbox_fixedLeft function| __adform_adbox_fixedCenter function| __adform_adbox_fixedRight function| __adform_adbox_fixedTop function| __adform_adbox_fixedMiddle function| __adform_adbox_fixedBottom number| __adform_adbox_init function| AdformWin1cdlx3h367s object| stroeerCore

0 Cookies

8 Console Messages

Source Level URL
Text
console-api error URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee(Line 1)
Message:
TCF v2.0 CMP service is not found or broken. If you are having trouble implementing TCF v2.0 CMP - please contact your Adnet media representative.
console-api error URL: https://keytarget.adnet.lt/stable/tmp-keytarget.min.js?id=delfi_ee(Line 1)
Message:
TCF v2.0 CMP service is not found or broken. If you are having trouble implementing TCF v2.0 CMP - please contact your Adnet media representative.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050501.js?31061027(Line 6)
Message:
This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021050401.js?31060985(Line 6)
Message:
This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent=|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8miT3WzeqZiRDSAxA8y95V8NQ&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29bb187d6f0bcd6ce0f08154768bb882.safeframe.googlesyndication.com
76c6ad8c06a7fe3ad6ce75500dd2b7bb.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
adnet-d.openx.net
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.com
adservice.google.fr
adx.adform.net
af1.nh.ee
an.yandex.ru
ap.lijit.com
api.rees46.com
aud.pubmatic.com
banners.adnetmedia.lt
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
bn01.er.bemail.it
boot.pbstck.com
bttrack.com
c.amazon-adsystem.com
c.cintnetworks.com
c.eu1.dyntrk.com
c1.adform.net
cache.betweendigital.com
cc.adingo.jp
cdn.connectad.io
cdn.cxense.com
cdn.pbstck.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
d.adroll.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.rtbsrv.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.delfi.ee
g.nh.ee
g1.nh.ee
gaee.hit.gemius.pl
google-sync.rutarget.ru
green.erne.co
gum.criteo.com
h.delfi.ee
ib.adnxs.com
ic.tynt.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
intake.pbstck.com
js.cookieless-data.com
kdmp.kbntx.ch
keytarget.adnet.lt
loada.exelator.com
loadeu.exelator.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid.adnxs.com
prg.smartadserver.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.adhigh.net
r.turn.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.openx.net
rus.delfi.ee
s.adtelligent.com
s.amazon-adsystem.com
s.delfi.ee
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
scdn.cxense.com
scomcluster.cxense.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssp.adriver.ru
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1dmp.io
sync.1rx.io
sync.adtelligent.com
sync.bumlam.com
sync.clickonometrics.pl
sync.crwdcntrl.net
sync.dmp.kubient.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
ts.delfi.ee
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
usermatch.targeting.unrulymedia.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
aud.pubmatic.com
event.clientgear.com
104.111.230.142
116.202.80.167
142.250.74.194
151.1.205.165
151.101.1.108
151.101.114.49
151.101.13.44
151.80.63.13
154.57.158.50
159.253.128.183
159.65.197.210
162.55.6.211
168.119.127.61
168.119.149.178
169.197.150.7
172.217.23.98
174.137.133.49
178.162.133.149
178.250.2.131
178.250.2.151
18.156.0.31
18.195.54.133
18.197.133.56
18.198.69.109
185.184.8.30
185.20.100.192
185.20.100.194
185.20.100.195
185.29.135.233
185.33.221.53
185.33.221.89
185.64.189.110
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.86.138.121
188.165.4.142
188.42.191.196
192.132.33.46
193.0.160.128
193.200.125.15
193.200.125.237
193.232.148.144
198.148.27.140
199.232.137.44
2.18.232.7
2.18.233.180
2.18.233.201
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
2001:6d0:4001::226
208.100.17.187
212.82.100.182
213.155.156.180
213.19.147.45
213.19.162.41
216.52.2.48
23.45.99.241
23.79.143.124
2606:4700:10::6816:15d
2606:4700:10::6816:1857
2606:4700:10::6816:37ce
2606:4700:10::ac43:1997
2606:4700:20::681a:24e
2606:4700:3033::ac43:dcda
2606:4700:3039::6815:c06d
2606:4700::6810:cf3
2606:4700::6812:c05
2606:4700:e0::ac40:6208
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:801::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9b
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:2a7::268b
2a02:26f0:6c00:2bf::268b
2a02:6b8::90
2a02:fa8:8806:12::1400
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a05:d018:24:b002:ebbe:4057:3491:6f67
2a0c:5c81:5139::2
3.127.51.194
3.221.146.169
3.81.223.233
31.172.81.158
31.172.81.159
31.172.81.160
34.205.3.24
34.231.187.28
34.255.31.14
34.75.21.179
34.98.107.212
34.98.64.218
34.98.67.61
35.186.253.211
35.190.0.66
35.196.115.239
35.201.81.244
35.201.96.126
35.227.248.159
35.241.40.233
37.157.2.248
37.157.4.23
37.157.6.252
37.252.161.190
38.27.122.126
46.249.52.248
46.249.52.249
5.178.65.252
5.254.23.213
51.144.7.192
51.15.145.115
51.178.20.140
51.210.112.63
51.77.53.76
51.89.9.253
52.142.85.218
52.208.100.147
52.30.135.179
52.30.14.23
52.46.130.13
52.49.40.147
52.57.150.20
52.58.248.2
52.95.123.41
54.165.137.101
54.174.195.234
54.64.53.220
54.76.226.57
54.76.71.14
54.77.19.59
54.78.254.47
62.149.0.72
65.9.73.35
65.9.86.127
66.155.71.149
66.155.71.25
69.173.144.138
69.173.144.165
72.251.241.196
76.223.111.131
77.243.60.138
80.64.106.149
81.222.128.214
82.145.213.8
85.114.159.93
88.214.206.247
88.99.149.88
88.99.242.108
89.108.119.43
89.163.159.101
02e39f03b9ffadb65751b0c2e1a21c45ecd0f8f5c053f5aa8152593983b20efa
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
030162818cc7b10740e08b77756409adb852f00485ecb982db2780874198e97f
034759a545e372f8668347d5b9c8c6f1b32f6fed8249ff6df729ffb019e0aaf0
057c01ea2c1f5359f07b81318324ee50e6b70872092f7ea49cb0da87876935f7
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
05e54ef038fd76d4b5ee2e108748918a711501b466e5c0795ec9104ec2011861
06877648c2d272535d9ae8ed5a8312e5226585df9cd882d5b8a472d842f4b8c6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0846bbba2be93e676a32eeca7d7e199b0fc5575dbe53a5c91c6a8ed646fd453c
0882559c8e30e34a358174e3fedc34de09873cc8d60260476a017eec4d8844ea
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bab303a3f138e7f38e516ec1465ad01d8a6c20c2ca2e45493f16415fd7da4fc
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ea1668f6f404eb9bb7582e8ce3378ddb87d02f4d6e7d2ae346769bbd5cb5aed
0fff8ae566092346fb77fad159453e1b95f0a51f0e79fcbf378440275ede0891
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b7669a7273651431f1e53e012d945b4c251bc208e39edcaaf35f6eed0d8262
128fe826f7377e487b7bf20d8a42b8f6c5acdb47def31508215d4e2a92a4e3a7
12fe6bc4ffa4e8f06b8397d44681b6146284fdd294e6efdabd5ce2ce6b6b7aa0
142e5269373cf4b3c704c5fde74a45d13f7442c9344179d24b18a1a7c35deeb8
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
16ac60e9013f5aa19a12e7295ebfe1b360d669f5ceded4ae23e38f0b51617d00
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
18ec9dc2de801792d6a6da883fc3793c9755c8b527265565e48e48aa1fa63229
1a86ba789e49ab76ba44efe69846c7bed3b357b9473154701a5b21d469c2f893
1c8d17033a2163e1a8664efa1afc8673f836de87e1a091b12501ec939f99a030
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1e5e7339a9b9859bb83c3e0361a2c7f1d8dd38e627b4245c13710bcc873da853
1e646f2027ff585c10441c4e8b16177c2359fd50fb8eb5f34bfc4e4149f10a2f
1ffa321405ed0e5ee8e110ff94912f3880290bd5cad0f8e210c16842c1f19b18
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
26930b7c44aa767a32b5d610cbe5dd0e275ef6ffce8f6e53257d98569242abbe
28131019a1aed19cc5a181385a4e6579fbc9c3680bc7040ff559fb5ad5c10160
2a3b7fa53ba2b9d603a19fd493b1783c4e2885da3d029d3a7f27b9004fe3c978
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad1e94146442c51e50b7cda1da6fa5fe2f09f62bf15ffc1404bbdeb3e50db8a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31c882f98ed21fcc0f6d4936b6aebe9d768441e720e25e595d76bbd9fce04aac
32af77105549407dc4852de9f80c38efdd4ff752eff9c76c93ea014fb2cd87e2
339915a320943d2d72b50b87a44a03dd5945df0e720619199ec003af5a7a82a9
340424479ff46b66df4cf2aabeca2a63e6c8ec6bb2cd56ead896a706dc4599bc
3415d8e36b5eb74a39b9148c0de41f66d07bd88fafde42ca0f3d1edbe903585a
35289b2857834083283f46b25ef37a6a2ddfb6e27682926d67bc4b10b05285ba
3580bfbd4824fbfa481d683b9bd23ff151bfe4644c804a80aafb1d418d618ae1
35addb8316c70dbef18d37bbd1c25325a72277e2dfc9d7adcac3bad4866b5b0c
35b9e01dd9fe358c6c820adf535a9a4d22e4d7790a3bd48801e84cdc420b9b72
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36b9047813e6f481703f856ead5a9b02c9f46153c804c38ca315aaccd154c9fb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39235861d9bc9a21651d032048c05298d7018a1a70de913b10fd48902e0cd339
3a2d20dcd7536c8e369c08a10b81dafe9098409037ae99d06aa9ebbbd2d4819c
3d5b913017774579b8e0649bd6e50621b4caad3526e89d3f11f0ab5687744fe3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e970c2705457508604dca133ddd492170f359137e6ce3ba09ebd4eb8f9d99ca
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f386caac01bdd2c7a548b3f8aee9dade06b3c2d211fef6c5a1ea8f098dcdbcc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41bc156e6475013e7b7f1ad4ab38456dcf4069e4c8cb507f6c2654af4548bd2b
43d770b69af69d2605e20517ba52e4bf913159fb0f3c20167513b0d9feb5cf6a
44473ed792d625972e61e3c5669e07df6b2c90c02f8c414aa8bbebbb472b84ba
44dad9f4b5fa756012db12dae57c0c691e2ab717639956bdac4f308b58174c35
453794044cbe337944329b6c97b4b90d45a266c1bd23bf28f17cc1d4ed27fe2a
45bea08c5d77fa2ee8c4cb955a0f51e2d25cd4c985677fe2ef31ad5466bd5932
4657cb2e2ed49bbdcef2bcdf9c6c63bc97328f244ae8642cba8104958bd1eb13
46bfcc499b55652cd794cfe8e7cedf8c301f90784055eda4cc5ff77e1b2c8c98
46ee74fe75fc92e84a80b2057442bd9c733b81421d187f7f6ceba6782a70007d
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47868e828c299095ade714da488c6fac08e51e970c34c4d7286d6225938fde6c
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4921e948e84aafabbdfdd3d14f16ec9027ed437123ad306a8fe750e8404b5296
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ae5ba9b20c6882a5620d61fbfb1890bd4691d0ed533ee0c65f68d6561a34d35
4d948e70c21745d88e856f422b051ce7b2fbbbc6bd5efd5863b7cf3662bcaa30
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2f906a1eb08017aa5a7d5e7a9cf90496cd2335aa8e66d50e47048231d58f0b
4e3adb0a2835be8dea6165a54ba56f5ae144048dc0fe9b3846e0deafb0bf5e1d
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbeb6fbabfa0fd481759f0ed24b0bf85e51d495c3a64b9d66ee7b2c338f48bc
5074aa22f9638ceb6a58ab55d0098e73e72ae2700287a74f23eb2cb91e601557
50a907e94825e4a66e1eb49a5c9ae14c3a1fb657ff19db0fab6e6f917997f736
52036e323fca4d2cb6f0fee2d99bc0cff78cda2dfdded17e8280d92fc833e73c
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
53f771c08b2b15be6cfacf6070b6e7972034169688dd62d8bf84b8ddb5f58ccf
5482679067ff6c29ed682e7934c95d68eca4ff7e5aec02c40521b489600bdaf2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56428705248cf08b0cd89a498cc2a1f5c48122491ab3e39c2794afb4c3594f7b
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
569a1f80949c418a4117e80abd2d66ce8bb043446228c845d123eedd1f9ebf35
56aa2095fa8ff3dccf78bfaa83170bebbf2944110f225b93488448f0cdba4add
5797691548eb8ee126ca300c213860aac9a5c967f1066e301cffc03aa13e060e
583ecebd31065a02c5a0fa9fd30c5392428e96773035178b63e534f208efc217
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5b5539135143814703c866c2b8561b50641478c3996afafed0de64dc13eb67ff
5c492e57f28b3160f9025f7b8829a40e08c669bfeb5fe804e9b66b433452654a
5cd6b036d6efe02a83d8a5671ace48f3c303c219c51c0156fa0f4c2901d11540
5f7327b95bf371a4c3ef1740040621b45e118222ef098158feaf36f52d92410c
641b1618ebe754113b1e8eb71df2a970e5d09492c33c59059e7e7caf0806da1a
64fd71b8bb460fb9e9a94303f6515df02d0388762ca6adcd29b38354bd702050
654eecdc2f2a07a0501b0348571ef893742f635228d47a023fd62282d7efd1b0
671a9bcaa95524cbb87e4003e60b9b1bacc6735008296ad7087a706b8103d016
67502858bb2ea92e12d56fe4a8105d418e5d67307b70d7f611b55d13c3e9c91a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a
6994d4736f96c2c4062cf546263abeba83c90086e77a5aa965fd726c78005bcd
69b793a3d82cceda306dc810d00dc03aa14d70500fd24aacc8fc7662227ee478
69d45d72395d7e5d89b4885e0eac760b094774adfa0428db369bb23dd0fa5eaa
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b80602adff90338777660352c19a01224ee11ee235dd49ebcd908bf7f3e1a09
6b9f95f4fbb15d9fa44fb88e47f3e4639523c6f631ef46b6ad59866d2bbe1fa0
6e67b2fe28f343e9e8d31f0a817790dd5d30b670b78385b09132106002989f05
6fd7ab25927054bd18a1c32381939f0561bed1b3c111a3ca3eb58e70b8e3af24
7049a4f7cd4ce721bc6e92da994bfabc27107d487da15d691a935738f46bda83
71ad120eb004fef8f4e3674c15965e6aacc6131cf393df7dbf19fee7f3f0b0de
72c3f8669452c5797aae34a2422357887246d347f969b679c8ee610cb51cc97f
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
77961ad715016b5da753cdc9b9dbaf1f1732c28a8214f866fa08b28892083d58
77e6628996cfb92462cbf1c30bc1c3706b7d8f28d7e27249dc46e29f171eac7b
78fcc5825faff48fe9269ffaf37ce4cdeb2af6a1ba3ee4df047ce81f49f8da09
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a785e674d7e0a971efb769521d506914d875c0cbb461fbf0ee92885725ef03d
7aeee44ef9a56da8e8ed2f7e509f85427a6f284eafdc10aac94ce0897366b3e5
7af09777506403f29debc9e48dbfaaedef754d387d8837284d53c8a3d647d9b2
7bee3605425960018863494f9e34fd879a782a065309299c0e50d401d60949b6
7c1220b71998478ef41125e2a15b48b908f0270dd02b8222246913d059d03593
801739505e546b0de4cc1be031d92e22aa81668a2720e49648ec45fec81b0a2c
817c9c73e27e9661585ef0fac06feb9770272594c3a3e53a35b29924cced9d2b
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859ca09d35e47fed4262ed3230d408da83dc76731555d4a22663f8f54ab61b60
8800a7262c59a4379d211b4c92c7fc9e6457b20dd8f789bb1567e25b3134a8c8
885db6712dc3711368dfe2d8b0abb497107dc672d77847d9b2585268210f26c3
8d0699772b8ca80d6ef1ac55871141afd77cda372f15f1a97b74b41dae70ab25
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e26a0d9dc59223dbbb31170eb115988601256e7832fc6f3f78b06cf51837d5a
8efa0b5f70f2f4dd60cbff9f4d37628167042eea2566db828edaf9ac558e95d6
92c1ee9a534a15c6c3a2a99829b0c6de0ef955462a218ca909cf4f67ad68e8ed
947ca71cb65ed87a6441fd9bf355f16d172b70319b714d96383ba012519ff3e9
976aa9316a414279bdc0ef0c2451df1991ae7b04ec0b356e2ca11450244c3031
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c853b97d55b8135ca740f3d14ffb477b378b0ff0f10301e85492f268c7e8f02
9cd58fce5ff7afd625c8e887719242e31afdc0bbfd418eb34d1eb8c9789b84a4
9f7497004bed56a136c5aed08783fcbb013ad0c4e8b724bcdd49468ec241e914
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3d48bb55bc67b907afb049d2b099399b322d0a3c07720ced8e1265ce9433b48
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a6fffe87a773eda3ebd5d71066c42e4f841e798008afc527a68f26edc4820684
a70df2bb078a5cb256f58843867a8f4b93127bce23de81df688ace162e10a30e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a85cd8c72573a254d54a42dc1b89024d309ec82beb4b0bb7a230ee4213cb7aa1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae2f89249096099910c2c00dad04acb1f70b65f588a68b0cea4d79eab011f499
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb2a26519d5752d8ebfc1885945e49bae1a31f24ed4225831e20f13e7ceae63
b11dac150a996722bd1f33996712764ad3d194beeb306800afa57c96fe1ff634
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b35d8536a51dfe47f15c95aa5cdd29221754a4aa5ada9f72d244554b4ba4d0ec
b419adf767e47c16583e61f38e6b2cdbc4c784e619526ba8ac05a22cf2ced1ef
b4adb62c23ad29be1013ad4144ac8c32954c91ef3064dc9e2e86bbb42e0bdb7c
ba1823eb5f5edb536904e509a4b974537eddd1d66ebdd40d55fda680cf93d72d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bcebbd32052e716576f6eda84332d07e50f8c1b800159c9a6c79bca6005e7cbc
bd50e622cfd440f45c5b074bcc1ee6194bc8e30cf39f83b2c17ccfe36b6ab30d
bed69f80ab711225d0313ddc486466fa58a5109d26cef8208ac31128e435e6c0
c0a425428b89621c7b01a0d441290bcca9cb2952f1a931e11706d411074ab600
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2aa490fd2935bc02e8eac297a35c1bcc80d1ff4ca53ddf0682581b00ed9ff00
c5a0ab86e2728f213526a8ccb95aaf1a4a3519420e63e1e049c535fed642b2dc
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c79e814078bb2afb3adcf19e8b6a0f38177d326b743de187bb37a93feec3ffbf
c7cb88ba73f19828b58453fb8e0821d4e231c31a893aacbf3c9a28d519abef75
ca4f1d4eaa6c11f7cda505e0fd68a1da43a50c39d79e7828de1cb2578c1af918
ca5669a2cb837103abea317f22a9ec0870cedcce49161236c301d2baea30bb95
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ce3ed7453ce7992665c50f0be1a2ffb1d60a0e8ce5711b00be67b134278fbedb
cf1a1e48ae6e0ef617e50cfd98f7351c8620b48743ff38e029aab93692dfa610
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04730ea1ae5f8ffe3a2fa915a4d851c92f204e6917ae2425e47da61eac618b4
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480
d3ab6c541c0d2ab76b7dc0ed0c60dca7649eb87fb3cfde8b6f503d442f276a8d
d49469a0d31e730f5a8fb390d46ee22abcbf596f70d834c3a0951677b1900c94
d53daf4245b6eafe2611089f59f1927ac0e109f3400286953100e8c621ffb8e7
d5cb6ca70e8138c3a7ac779e392f9e1d400f7be6d64df272e032a226d461f06a
d7b663b8df441e7cbe2c21d80026cebeb77521bf57fc92eb8808ba64f0842117
db3172da9234e21da35c00314879e1cfd00980a851ba10c07946d053f5fbd4a4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e015dff705963824c8a02ede663ad5f934d18f38bf71967c7dc5344022db5f45
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e26649b97dd3627c505e358aaaa2bcd8cbf0fbaac3bf08ab77e50f946fba538c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a259085a34b5a95c2cff2cdda597cfcda9317e2a1274c407a0e9d9b3e4af46
e5b5f10e2f329f107d7a48b4d4dd02da5da66b94efc9a8eea906ded9eeec13cf
e869425f84628a92310f015b32f64e2e388df4e87aaf7974a5360dad1b11cca0
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e92a3f6e17de0a7383624e68abbb54cb1220433eb52bf49620c9dcf712f57717
e95a6da889b2adeba3b0b52ab9af956d2275b7e83229454f9226f4494e69048b
e9bb1331830a18e2504d966f1fa931e711cad726e454722f324d63534cec97d9
eb5ada54a1da47d3bcfc18d4e9e4e7c8e798efd987eb210c03e6f2bc80e81673
ebaacd0f5a22f262245f3fd2c3ff3d02db1b6584186db4e6f7ae95026b5df2bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0211f93e9da6cc77049fc3229d82ce0a7062c364436c1ba6cdb62caf2ec19e5
f0248976da97cef9d507c26ab78186f1fc82a4dc71963f29cc49946f09e72d69
f0423785dd9cd1e572ad2bf6dd1a358b0bdc3d33a7c892eab0c1a625faf84d58
f1bb4f4e526c417896deb5521d188bd77fc982b0ed258cfbfa91dccc681548e0
f42cf69c31cc8195800a5221d5034eb70df955bc2cd75a2934fd00bdc9cd73de
f62a26affd4ea87eaa28955c9d923bd34172af63cda5b6648d176442b2067ec8
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f79b1fc394de95d8e7865fa5d1c6315ea504b6e8fce3ad29c5f7ed34a0c07467
f7e69d250e3f9dff9ff8a545496d4dae4d12ac211b6b876e3cb5d2fd49a1a283
f8719beea235e716e72ddf39b7ff770a3bdc05815cabbb114cdb47295c547698
f9763578aa7864886520b5cccfedf342e52a71d04a8302f7aa7180f116b70c5c
f9a5544263db8d83c939a55c05c3ed6dbf75f37c0b587eb411285b5a3e865467
fb0a6924423ccf7d116f277f94c55ac3ac6328833a8b821e8d4e0fad48e116bd
fb5a11a3853ece18e16cda10777c9817a570e96dd1808cef1cc3b2208ad99f8b
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fd51eae6991722ff2a2f91a9ee18b305de316d3841963b850f4f44470b591060
fd5f6f0597c3f2ce1dade791c8a00a28739e15db553e1b845e6aa9dfef4d9198
fe14691eaf6f312aa9cba15deec03bd65359619b792917651460c4d089fe2645
ff2176156ba8f5fde87635106f0a5c2d6552c21b2ef64702c3398cfc73a992dd