urlscan.io logo urlscan.io
SecurityTrails logo

glavred.info Open in urlscan Pro
104.26.14.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://glavred.info/
Submission: On June 10 via manual from UA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 13 countries across 92 domains to perform 278 HTTP transactions. The main IP is 104.26.14.241, located in United States and belongs to CLOUDFLARENET, US. The main domain is glavred.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 16th 2021. Valid for: a year.
This is the only time glavred.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 104.26.14.241 13335 (CLOUDFLAR...)
1 195.137.240.103 29389 (ASN-UNIAN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 146.59.10.80 16276 (OVH)
4 2620:1ec:29::67 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 62.244.25.71 3254 (LUCKYNET ...)
10 142.250.185.162 15169 (GOOGLE)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 13.107.21.200 8068 (MICROSOFT...)
1 62.244.25.85 3254 (LUCKYNET ...)
6 2a0c:5c81:514... 55081 (24SHELLS)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 1 162.55.6.210 24940 (HETZNER-AS)
4 13 62.149.0.72 15497 (COLOCALL ...)
2 193.200.65.5 6681 (GIVEME-CLOUD)
1 37.18.16.22 205675 (HYBRID-AS)
2 213.174.135.2 39572 (ADVANCEDH...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
4 5 185.184.8.65 204995 (RTB-HOUSE...)
5 8 185.33.220.244 29990 (ASN-APPNEX)
2 178.250.2.131 44788 (ASN-CRITE...)
1 146.0.227.107 29066 (VELIANET-...)
1 2 188.42.196.115 7979 (SERVERS-COM)
1 34.98.64.218 15169 (GOOGLE)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 213.19.162.51 26667 (RUBICONPR...)
4 23.218.208.200 16625 (AKAMAI-AS)
3 2600:9000:218... 16509 (AMAZON-02)
2 3 37.157.6.245 198622 (ADFORM)
2 185.59.220.194 60068 (CDN77 (^_^)/)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
1 1 34.233.79.92 14618 (AMAZON-AES)
1 13 18.197.81.144 16509 (AMAZON-02)
2 51.38.120.206 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
6 5.178.65.246 50673 (SERVERIUS-AS)
3 3 213.19.147.45 3356 (LEVEL3)
4 6 13.248.242.197 16509 (AMAZON-02)
3 46.249.52.249 50673 (SERVERIUS-AS)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.227.252.103 15169 (GOOGLE)
3 6 100.26.82.13 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 168.119.146.39 24940 (HETZNER-AS)
3 178.162.133.149 60781 (LEASEWEB-...)
4 4 18.156.0.31 16509 (AMAZON-02)
2 2 88.214.206.142 46636 (NATCOWEB)
1 1 2a00:7c80:0:1... 49981 (WORLDSTREAM)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
2 185.64.189.115 62713 (AS-PUBMATIC)
4 15 23.218.208.246 16625 (AKAMAI-AS)
1 18 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 62.209.227.210 5588 (GTSCE GTS...)
8 2a00:1450:400... 15169 (GOOGLE)
11 104.19.134.78 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 52.94.232.32 16509 (AMAZON-02)
8 11 142.250.185.130 15169 (GOOGLE)
4 6 34.251.130.56 16509 (AMAZON-02)
1 1 52.71.142.200 14618 (AMAZON-AES)
1 1 54.78.251.22 16509 (AMAZON-02)
4 4 151.101.14.49 54113 (FASTLY)
4 4 185.29.135.234 30419 (MEDIAMATH...)
1 1 185.33.223.222 29990 (ASN-APPNEX)
3 4 35.227.248.159 15169 (GOOGLE)
2 4 37.157.4.25 198622 (ADFORM)
1 199.232.137.44 54113 (FASTLY)
1 2607:ae80:5::48 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 18.200.233.208 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.101 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.29.225.117 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
2 52.210.238.250 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 107.21.231.45 14618 (AMAZON-AES)
1 2 52.95.123.167 16509 (AMAZON-02)
1 2 23.45.99.241 16625 (AKAMAI-AS)
1 34.251.31.154 16509 (AMAZON-02)
1 52.84.174.92 16509 (AMAZON-02)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 51.15.145.115 12876 (Online SAS)
1 67.202.110.21 32748 (STEADFAST)
5 104.19.135.78 13335 (CLOUDFLAR...)
1 3 52.222.174.113 16509 (AMAZON-02)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 37.252.172.249 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 52.45.55.28 14618 (AMAZON-AES)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 104.19.217.61 13335 (CLOUDFLAR...)
4 4 52.28.196.155 16509 (AMAZON-02)
2 2 54.208.167.73 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 69.173.144.139 26667 (RUBICONPR...)
2 2 104.111.237.88 16625 (AKAMAI-AS)
2 3.124.210.90 16509 (AMAZON-02)
2 34.253.111.115 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
278 93
29    104.26.14.241 (United States)

ASN13335 (CLOUDFLARENET, US)
glavred.info
images.glavred.info
1    195.137.240.103 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
pogoda.unian.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
4    2620:1ec:29::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3037::ac43:a669 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
3    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    62.244.25.71 (Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)
newscode.online
10    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    62.244.25.85 (Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)
rus.redtram.com
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de
csync.loopme.me
13    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
2    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    37.18.16.22 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
8    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    146.0.227.107 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adtelligent-d.openx.net
1    2606:4700:e0::ac40:631d (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
1    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2600:9000:218c:4a00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
3    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com
cdn.admatic.com.tr
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    34.233.79.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
13    18.197.81.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ih.adscale.de
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
6    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
u-ams02.e-planning.net
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
6    100.26.82.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
3    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    2a00:7c80:0:120::2 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
ufo.approximity.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
15    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    62.209.227.210 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
bbnaut.ibillboard.com
8    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
11    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
6    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    52.71.142.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    54.78.251.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-251-22.eu-west-1.compute.amazonaws.com
d.adroll.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    185.33.223.222 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
adscale-emea.adnxs.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
4    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2607:ae80:5::48 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    18.200.233.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-233-208.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.101 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    52.29.225.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.210.238.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    107.21.231.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.251.31.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    52.84.174.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-92.cdg50.r.cloudfront.net
tags.crwdcntrl.net
8    2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
1    67.202.110.21 (Crown Point, United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
5    104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
cm.mgid.com
3    52.222.174.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-113.cdg50.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    52.45.55.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
4    52.28.196.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    54.208.167.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
1    2600:1f18:444a:4602:b51a:2bef:14:5241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
tracking.m6r.eu
2    3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
2    34.253.111.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
Apex Domain
Subdomains		 Transfer
29 glavred.info
glavred.info
images.glavred.info
583 KB
19 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
157 KB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
17 googlesyndication.com
pagead2.googlesyndication.com
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
tpc.googlesyndication.com
64 KB
16 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
107 KB
16 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
19 KB
16 adscale.de
js.adscale.de
ih.adscale.de
16 KB
16 adtelligent.com
ghb.adtelligent.com
sync.adtelligent.com
player.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
s.adtelligent.com
18 KB
15 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
18 KB
10 adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
secure.adnxs.com
7 KB
9 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
16 KB
9 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
23 KB
8 quantumdex.io
sync.quantumdex.io
4 KB
8 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
4 KB
7 adform.net
cm.adform.net
dmp.adform.net
track.adform.net
c1.adform.net
3 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
6 yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
6 audrte.com
a.audrte.com
7 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
34 KB
6 google.com
www.google.com
adservice.google.com
2 KB
6 clarity.ms
www.clarity.ms
c.clarity.ms
22 KB
5 mathtag.com
sync.mathtag.com
pixel.mathtag.com
3 KB
5 creativecdn.com
prebid-eu.creativecdn.com
creativecdn.com
1 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 tapad.com
pixel.tapad.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
4 google-analytics.com
www.google-analytics.com
19 KB
4 gemius.pl
gaua.hit.gemius.pl
12 KB
3 liadm.com
i.liadm.com
i6.liadm.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
936 B
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
53 KB
3 googletagservices.com
www.googletagservices.com
102 KB
3 sonobi.com
sync.go.sonobi.com
1 KB
3 richaudience.com
sync.richaudience.com
743 B
3 google.de
www.google.de
321 B
2 eyeota.net
ps.eyeota.net
2 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 turn.com
ad.turn.com
d.turn.com
836 B
2 criteo.net
static.criteo.net
53 KB
2 bluekai.com
tags.bluekai.com
649 B
2 mookie1.com
odr.mookie1.com
430 B
2 weborama.fr
idsync.frontend.weborama.fr
844 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
792 B
2 admanmedia.com
cs.admanmedia.com
829 B
2 1rx.io
sync.1rx.io
1 KB
2 onetag-sys.com
onetag-sys.com
2 KB
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 openx.net
adtelligent-d.openx.net
rtb.openx.net
890 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 trafmag.com
t.trafmag.com
462 B
2 adtcdn.com
player.adtcdn.com
121 KB
2 cloudflareinsights.com
static.cloudflareinsights.com
10 KB
2 googletagmanager.com
www.googletagmanager.com
70 KB
1 idealmedia.io
cm.idealmedia.io
448 B
1 lentainform.com
cm.lentainform.com
531 B
1 rfihub.com
p.rfihub.com
776 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
383 B
1 33across.com
ssc-cms.33across.com
1 cookieless-data.com
js.cookieless-data.com
367 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 agkn.com
aa.agkn.com
379 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com
163 B
1 adroll.com
d.adroll.com
112 B
1 extend.tv
sync.extend.tv
546 B
1 googleapis.com
fonts.googleapis.com
674 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 approximity.com
ufo.approximity.com
279 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 navdmp.com
tag.navdmp.com
4 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
490 B
1 sitescout.com
pixel.sitescout.com
288 B
1 google.se
adservice.google.se
853 B
1 advangelists.com
nep.advangelists.com
229 B
1 adxpremium.services
rtb.adxpremium.services
893 B
1 admixer.net
inv-nets.admixer.net
502 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 loopme.me
csync.loopme.me
209 B
1 redtram.com
rus.redtram.com
236 B
1 bing.com
c.bing.com
390 B
1 newscode.online
newscode.online
5 KB
1 unpkg.com
unpkg.com
2 KB
1 unian.net
pogoda.unian.net
1 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
278 92
Domain Requested by
19 glavred.info glavred.info
static.cloudflareinsights.com
15 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
10 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
10 images.glavred.info glavred.info
9 cm.g.doubleclick.net 8 redirects bcp.crwdcntrl.net
8 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
8 tpc.googlesyndication.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 ib.adnxs.com 5 redirects player.adtcdn.com
spl.zeotap.com
ssum-sec.casalemedia.com
7 sync.adtelligent.com 3 redirects player.adtcdn.com
s.console.adtarget.com.tr
s.adtelligent.com
7 securepubads.g.doubleclick.net glavred.info
securepubads.g.doubleclick.net
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
www.googletagservices.com
6 bcp.crwdcntrl.net 4 redirects ssum.casalemedia.com
tags.crwdcntrl.net
6 a.audrte.com 3 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
6 match.adsrvr.org 4 redirects ssum.casalemedia.com
bcp.crwdcntrl.net
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
6 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
5 cm.mgid.com jsc.mgid.com
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
5 s.e-planning.net ads.us.e-planning.net
5 www.google.com glavred.info
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 x.bidswitch.net 4 redirects
4 c.mgid.com jsc.mgid.com
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 sync.mathtag.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 eus.rubiconproject.com ads.us.e-planning.net
cm.mgid.com
eus.rubiconproject.com
4 ups.analytics.yahoo.com 4 redirects
4 creativecdn.com 4 redirects
4 ads.pubmatic.com s.console.adtarget.com.tr
ads.pubmatic.com
ads.us.e-planning.net
4 ghb.adtelligent.com player.adtcdn.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.clarity.ms glavred.info
www.clarity.ms
4 gaua.hit.gemius.pl 1 redirects glavred.info
gaua.hit.gemius.pl
3 s-img.mgid.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects jsc.mgid.com
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 www.googletagservices.com securepubads.g.doubleclick.net
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
3 sync.go.sonobi.com ads.us.e-planning.net
sync.quantumdex.io
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
3 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 gum.criteo.com 1 redirects static.criteo.net
3 www.google.de glavred.info
3 stats.g.doubleclick.net www.google-analytics.com
2 sync.crwdcntrl.net bcp.crwdcntrl.net
2 ps.eyeota.net s.console.adtarget.com.tr
2 tracking.m6r.eu 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 i.liadm.com 2 redirects
2 track.adform.net 2 redirects
2 cdn.mgid.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 odr.mookie1.com spl.zeotap.com
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 ssum-sec.casalemedia.com ssum.casalemedia.com
sync.quantumdex.io
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 fonts.gstatic.com fonts.googleapis.com
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 secure-assets.rubiconproject.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 sync.1rx.io 2 redirects
2 onetag-sys.com s.adtelligent.com
sync.quantumdex.io
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.betweendigital.com 1 redirects player.adtcdn.com
2 bidder.criteo.com player.adtcdn.com
static.criteo.net
2 mug.criteo.com glavred.info
2 player.adtelligent.com player.adtcdn.com
2 t.trafmag.com glavred.info
s.adtelligent.com
2 c.clarity.ms 1 redirects glavred.info
2 player.adtcdn.com glavred.info
2 static.cloudflareinsights.com glavred.info
2 www.googletagmanager.com glavred.info
1 d.turn.com 1 redirects
1 cm.idealmedia.io 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1 i6.liadm.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1 cm.lentainform.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1 dis.criteo.com 1 redirects
1 c1.adform.net ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ad.turn.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 servicer.mgid.com jsc.mgid.com
1 ssc-cms.33across.com sync.quantumdex.io
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 adscale-emea.adnxs.com 1 redirects
1 d.adroll.com 1 redirects
1 sync.extend.tv 1 redirects
1 www.gstatic.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1 fonts.googleapis.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1 jsc.mgid.com 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
1 bbnaut.ibillboard.com 1 redirects
1 ufo.approximity.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 rtb.openx.net 1 redirects
1 tag.navdmp.com ads.us.e-planning.net
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.sitescout.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.se securepubads.g.doubleclick.net
1 nep.advangelists.com 1 redirects
1 s.adtelligent.com s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 ghb2.adtelligent.com player.adtcdn.com
1 fastlane.rubiconproject.com player.adtcdn.com
1 rtb.adxpremium.services player.adtcdn.com
1 adtelligent-d.openx.net player.adtcdn.com
1 inv-nets.admixer.net player.adtcdn.com
1 ghb1.adtelligent.com player.adtcdn.com
1 prebid-eu.creativecdn.com player.adtcdn.com
1 dm.hybrid.ai glavred.info
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr player.adtcdn.com
1 rus.redtram.com glavred.info
1 c.bing.com 1 redirects
1 newscode.online glavred.info
1 unpkg.com www.googletagmanager.com
1 pogoda.unian.net glavred.info
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
278 141
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-02-16 -
2022-02-15		 a year crt.sh
www.unian.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-01 -
2022-06-01		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
newscode.online
R3		 2021-05-17 -
2021-08-15		 3 months crt.sh
c.msn.com
Microsoft RSA TLS CA 02		 2021-02-03 -
2022-02-03		 a year crt.sh
*.redtram.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-10 -
2022-02-13		 2 years crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-05-06 -
2021-08-04		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-06-02 -
2021-08-31		 3 months crt.sh
sync.adtelligent.com
R3		 2021-06-05 -
2021-09-03		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2020-08-17 -
2021-11-26		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adscale.de
Amazon		 2020-09-06 -
2021-10-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-06-06 -
2021-09-04		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.google.se
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2021-06-08 -
2022-07-07		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
js.cookieless-data.com
R3		 2021-05-15 -
2021-08-13		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.eyeota.net
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh

This page contains 36 frames:

Primary Page: https://glavred.info/
Frame ID: 03D87FDCDA7D17ACFE54DCF544E38E06
Requests: 88 HTTP requests in this frame

Frame: https://glavred.info/content/redtram-homepage-ru.html
Frame ID: 8DCD9B85E233C3EA93D0E983B24DC0B3
Requests: 5 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: 431B351553CF34A4C7AEB43125CC597D
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=cc4552cd-e476-44b7-b964-8e45288ae348
Frame ID: 7054A84AA943B95E194A9B10D3C03B77
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 55CD6C11BB82B6D3C9C846AD465ADB6C
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 07D03BE91AA6338E4F151525C1C7992F
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 4093BE262C9574CAF0816E6E7CCB4BFF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 64A63A097E24D28028D2065020861FE7
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 79FDB6F3D05E6F797F32B89319CD9889
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1uZjZdyPuZNNEBQIFQk4&pi=admatic&tc=1
Frame ID: 879F8B72D01E2D35EDFBC4854B0B096B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: EC81E5CC75D92CE4337948A791C392BC
Requests: 22 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 51F87EC4577BB01469B51D9656AA4F1E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=1uZjZdyPuZNNEBQIFQk4&pi=adtelligent
Frame ID: EB684E609001D43312095281BDCE108D
Requests: 1 HTTP requests in this frame

Frame: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 892C34FDDC3D595BE264B89C2AE378E0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 523C879DAFB32B57D5CFDBB774B652A4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 4DE4272688026955D16993FBE93582CC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D26681ece3803b4fc%26uid%3D
Frame ID: 3F41ADC1D1096AD57F69DC3EDDD865CE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E30C9446F16D5BEFD50A69E38A8C6C73
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: C032910EDDFCE9E3B1E9EA952855261F
Requests: 11 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Frame ID: 8555539B5D7E57AF6969E8B6B4EF68D9
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&cmp=0
Frame ID: 2B0A404B235BB726DC1CFF074D3E9E3A
Requests: 31 HTTP requests in this frame

Frame: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28157BED6AD8E3C776167E2512410DDB
Requests: 16 HTTP requests in this frame

Frame: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D334869D58AACBF8C84B58685420B9B
Requests: 29 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: A731F6AFA9394CE471A8D7043E2AB5DA
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: EB324BECFF30165A419EB5FB15AE7C80
Requests: 9 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABxeWzrge69KvDA2
Frame ID: A440EAE5A56DE6B434144BBA2A4EC0E9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C460902BFBBDDBF18C0E848D85C1E887
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B9B3508F26A30B6C3FE5E457080825D3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 63D72D8A9B8D73F1AC89BE9A87CF26CB
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 4D0BFD4BD9674820C4F9B0D4A16CA164
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1623328036245413325051
Frame ID: DCCBFFE11701D2B06A0ADEB9203F3996
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 291FC0EFDE08744C6DA6C88BE027A218
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: F5DE5815FA469E0432F435BBBF4069F6
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=glavred.info
Frame ID: 63BA908404442A2FB3B82BB633345E10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: B1CB2109C265E8D4D34CA328BD80735B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2C027167EE1C9C97554DB8153E19FEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

278
Requests

100 %
HTTPS

29 %
IPv6

92
Domains

141
Subdomains

93
IPs

13
Countries

1584 kB
Transfer

3809 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=CB776C090B534C5DACDF06B7FCC77BF2&RedC=c.clarity.ms&MXFR=01A488BD0CDB62DF3AD598EF08DB6CED HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=CB776C090B534C5DACDF06B7FCC77BF2&MUID=0BA901B3C6216BCD0D8B11E1C7096AF6
Request Chain 49
  • https://gaua.hit.gemius.pl/_1623328033436/rexdot.js?l=100&id=d1NFzYLYNdptucaHXKZFwJQ5zeBizicUR5LHJFfkvs7.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglavred.info%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QAgVJBQOypAODIf88ipAFkotGI4ZSFppHLfcAEA0GIP.H7&vis=1 HTTP 301
  • https://gaua.hit.gemius.pl/__/_1623328033436/rexdot.js?l=100&id=d1NFzYLYNdptucaHXKZFwJQ5zeBizicUR5LHJFfkvs7.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglavred.info%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QAgVJBQOypAODIf88ipAFkotGI4ZSFppHLfcAEA0GIP.H7&vis=1
Request Chain 56
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=cc4552cd-e476-44b7-b964-8e45288ae348
Request Chain 57
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
Request Chain 63
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglavred.info%2F&domain=glavred.info&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hPs2YHxnU1lSS05RWWordlNOeVRHVGh1TkJjYVpDZ1NPbHZoQVE1R2VkOTQ5bXQyblJYckMrMkloV21BbFlFdHR1TE9nREEzNEl1dFRoRC8zL3V2L1lLTGppQmsxVTJHTHFoSGttY04wU2Q5a1gvNUdtZFdrVU5UQ1ZoTVVZaGtFc1lHclUrMzFYN0tSdDgvZUxrRUhNZEhMK3RzTk53N2dzcWVOL09VNXZURE54Yi9oZDV4bHl2ZVpiMU5hZDh4VlJRMFVvSzZZQTVrTThJNzdqNEIwdDRyaXpvdjBWZ1lDNUZWS3BVRHFtU1dJS0RjPXw&cppv=2
Request Chain 81
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1uZjZdyPuZNNEBQIFQk4&pi=admatic&tc=1
Request Chain 82
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 83
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-9471156b-fbb0-472c-a2ae-669aec23e808
Request Chain 84
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05166c263995640a
Request Chain 85
  • https://ih.adscale.de/uu?cbfn=receive&t=1623328034 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1623328034&nut&uu=281d5d716d0743c3abbfa72e5e92c656
Request Chain 87
  • https://creativecdn.com/cm-notify?pi=adtelligent HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=1uZjZdyPuZNNEBQIFQk4&pi=adtelligent
Request Chain 88
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=172250846410868264
Request Chain 89
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
Request Chain 90
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=d0a6b98f31ab3239
Request Chain 97
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D26681ece3803b4fc HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=26681ece3803b4fc
Request Chain 98
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4398024727 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4398024727 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7ea3541b-c225-47e6-a39d-a3c979e7a65c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4939d40c-c89d-4a52-8ff3-79bd29704893-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4939d40c-c89d-4a52-8ff3-79bd29704893-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-4939d40c-c89d-4a52-8ff3-79bd29704893-003&dc=1079cc634ca638f8&iss=1
Request Chain 102
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D26681ece3803b4fc%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=26681ece3803b4fc&uid=95320c5d-9e87-4b79-a75e-34df13fefebd
Request Chain 106
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D26681ece3803b4fc HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 107
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D26681ece3803b4fc%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=26681ece3803b4fc&uid=172250846410868264
Request Chain 109
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-qg3u179E2uEU6LLxFFrFkIyoenOG2W5OWQGIjeM-~A
Request Chain 110
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D26681ece3803b4fc%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=26681ece3803b4fc&uid=f2630b9ed904010396315b2dd32c653c232eff14
Request Chain 111
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D26681ece3803b4fc HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26681ece3803b4fc&uid=020000001D05C260A424EF4802D512B9
Request Chain 113
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 121
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Request Chain 124
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=281d5d716d0743c3abbfa72e5e92c656&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=101&tpuid=BBID-01-02980420349511521-16310520
Request Chain 147
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB&dcc=t
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB-yiC1LVZBjuRSf0Wrb9D8&google_cver=1
Request Chain 149
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMIFIipUuecXK9iBY1EVZAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAbDE1dDwgkCETKcvUwWxE&google_cver=1&gdpr=1
Request Chain 151
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMIFIipUuecXK9iBY1EVZAAA%261840?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMIFIipUuecXK9iBY1EVZAAA%261840?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 152
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0c1ecb93-ced5-4291-87b8-30ad3f36c20d
Request Chain 153
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 154
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YMIFJwABnFAicQAC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMIFJwABnFAicQAC&gdpr=1&_test=YMIFJwABnFAicQAC
Request Chain 156
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=781af23b686d69703b5bfb43420e649aa9879dc77325a7f270fe7c4bdd0b5361&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=0&gdpr_consent=
Request Chain 157
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=75&tpuid=172250846410868264&gdpr=0
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGq-j7Nd8Fk1MJqySi4PxW8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 160
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d9b33c7a-9fdf-43bf-a903-ac37828ae747&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 162
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7ea3541b-c225-47e6-a39d-a3c979e7a65c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 166
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=8e69c8df-5bc1-4ad6-9f9e-1df9aed7f751&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 167
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=bcc629cf-44c2-4803-7967-6c5815f79d17&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=bcc629cf-44c2-4803-7967-6c5815f79d17&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=81365968519088248112315435162223986388&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 169
  • https://bn01.er.bemail.it/zeotap.php?_bid=bcc629cf-44c2-4803-7967-6c5815f79d17&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061014-34083-0.155057001623328043-1aaa156ebc358072b42d0de9a6edd94a&zdid=533&env=mWeb
Request Chain 170
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6972140829596776596&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 171
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=bcc629cf-44c2-4803-7967-6c5815f79d17 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=bcc629cf-44c2-4803-7967-6c5815f79d17
Request Chain 172
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=bcc629cf-44c2-4803-7967-6c5815f79d17&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=bcc629cf-44c2-4803-7967-6c5815f79d17&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361&bounce=1&random=3696621902 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=8xuxALkBP1N2r/Is/7eFdu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 174
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=bcc629cf-44c2-4803-7967-6c5815f79d17?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=bcc629cf-44c2-4803-7967-6c5815f79d17?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=a68b1da16b0fb7b27daa8a1861f7ee06&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 175
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-dPckyvJE2or4Ua00PX3Bv3ZyWFjWkETr9g--~A&zpartnerid=570&env=mWeb
Request Chain 176
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5Qi0rJJPV8ETtlxHBqSmn5hjk0sL5E1c%2BS41iYitP1U%3D
Request Chain 180
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361&_test=YMIFJwABcb_CXABg HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMIFJwABcb_CXABg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&_test=YMIFJwABcb_CXABg
Request Chain 181
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=fe9160c2-0524-4d00-983c-6a96bc276389&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Request Chain 182
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OLD8nuPq&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=bcc629cf-44c2-4803-7967-6c5815f79d17
Request Chain 183
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&dcc=t
Request Chain 184
  • https://tags.bluekai.com/site/87734?id=bcc629cf-44c2-4803-7967-6c5815f79d17&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 196
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=63f0fb176646f82874ccf2e3177e744104653b4fb8f422ebdbcde8b94ee83230&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YMIFIipUuecXK9iBY1EVZAAA%261840
Request Chain 203
  • https://track.adform.net/serving/cookie/match/?party=9&uid=b1d1eb24786968b6e8685f81ecec8eb5198dc17888979c0e17bc339e680ea614&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034476%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=b1d1eb24786968b6e8685f81ecec8eb5198dc17888979c0e17bc339e680ea614&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034476%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034476/0/img?tpid=42&gdpr=0&tpuid=3781687751742042847
Request Chain 204
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=f2630b9ed904010396315b2dd32c653c232eff14
Request Chain 205
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=172250846410868264
Request Chain 206
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=172250846410868264
Request Chain 207
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=172250846410868264
Request Chain 208
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qX2w4m1E2uGXx_7TeBc2RlTEXaMQOdQAu7Nj_Oo-~A
Request Chain 210
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=91c64d74-7a26-52a1-8866-6d35e8a46817
Request Chain 227
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=1&gdpr_consent=
Request Chain 228
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7843073990609540255
Request Chain 230
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ddeabef6-b46a-44f1-bd84-59b38dd6dbbf&expiration=1654864037
Request Chain 231
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871554320804 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871554320804&C=1
Request Chain 234
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=44dce29d2af61849fb4a8357fc25503bdc49e877a0169e2de60a63892311c988&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034476%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=69b3a8b4-9c33-4a78-a9e4-c0cd52c12843
Request Chain 235
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 237
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=1uZjZdyPuZNNEBQIFQk4&pi=mgid
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDVhZ2pVdHhkdHI1&muidn=l5agjUtxdtr5 HTTP 302
  • https://cm.mgid.com/google?muidn=l5agjUtxdtr5&google_ula={guid},5&google_gid=CAESEFZdA3XiMptwMr_x3ulIx20&google_cver=1
Request Chain 239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=7ea3541b-c225-47e6-a39d-a3c979e7a65c&ttl=1625920036
Request Chain 240
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=21ad3be7-a936-41f2-abf8-242834a98bda&ssp=mgid&gdpr=&gdpr_consent=
Request Chain 241
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l5agjUtxdtr5 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l5agjUtxdtr5 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda HTTP 303
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda&_li_chk=true&previous_uuid=09eb2ab5273c407eb8b03cdc8fbc658d HTTP 303
  • https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=4caf4ef0f98216279dade381bb22ef4671184bc37976a053649dfc081d685e1c&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034476%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=fe9160c2-0524-4d00-983c-6a96bc276389&gdpr=0&gdpr_consent=
Request Chain 249
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=94eaf8198fce0882fae43058b50149a650a100eb12cd36ba4c7b9103e737cf2a&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=94eaf8198fce0882fae43058b50149a650a100eb12cd36ba4c7b9103e737cf2a&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/js?tpid=48&tpuid=e96dd4a5653d979d448b206e8be97a5f
Request Chain 253
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1623328040778&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fglavred.info%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1623328040778&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fglavred.info%2F
Request Chain 255
  • https://bcp.crwdcntrl.net/5/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 256
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6906473960582120021 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESED0zXoDppnOjUhyrM9LrVdc&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=&google_gid=CAESED0zXoDppnOjUhyrM9LrVdc&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTY4YjFkYTE2YjBmYjdiMjdkYWE4YTE4NjFmN2VlMDY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTY4YjFkYTE2YjBmYjdiMjdkYWE4YTE4NjFmN2VlMDY&google_tc=
Request Chain 261
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=affe60c2-052b-4100-af6b-80a08b8af121
Request Chain 264
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/a68b1da16b0fb7b27daa8a1861f7ee06/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3870337523717234599

278 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
glavred.info/ 		111 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad2ef1296d6fe38999933efbb6f24406bd33d0d7c0fa6558f30ac804187c6b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
glavred.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding User-Agent
cache-control
public, s-maxage=120
link
<https://glavred.info/>; rel="alternate"; hreflang="ru", <https://glavred.info/ua>; rel="alternate"; hreflang="uk"
access-control-allow-origin
*
set-cookie
hl=ru; expires=Fri, 10-Jun-2022 12:27:12 GMT; Max-Age=31536000; path=/
x-2cache
BYPASS; Thu, 10 Jun 2021 12:27:12 GMT
cf-cache-status
DYNAMIC
cf-request-id
0a977d1d340000f14693216000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vIDuigDsWYSFjXzHqVbH8kwGOQfbstpqdmBtAG8c%2Fdgq3nJ3AgR%2FpP%2FgYZdA3OlFk0VWe5B%2FNgZwqmNWCtZnF0gP8Z38CfiU0ElLrOK%2FFAyRUypzyQpdDdE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
65d297a85d71f146-ARN
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
fa-brands-400.3654744d.woff2
glavred.info/build/fonts/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/fa-brands-400.3654744d.woff2
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/fa-brands-400.3654744d.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1383072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
61336
cf-request-id
0a977d1f310000168d2406c000000001
last-modified
Thu, 02 Aug 2018 17:16:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HiJPRY%2FeI4XXAEpbQeV27RQkKRxxzc7%2B%2FIpYNZIi9Ng4ZJHo%2FJXaOSzzlGR3mvTHScBlFGQyXr2iQom9jxiKykZgaY0T4mUCI%2B9hVIh1n%2FtDsA3Pn5ZEB9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab7945168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
latobold.1b31ece8.woff
glavred.info/build/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/latobold.1b31ece8.woff
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03996e23dcbea0107d19cd6a07ee6ff84b9cce67b4a2bae564046f89b00e948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/latobold.1b31ece8.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1380102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
57172
cf-request-id
0a977d1f320000168daf160000000001
last-modified
Fri, 17 Jan 2020 14:33:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wxcATqrNTSSG8xFkxqc%2FnYyAYvJHTpX6NqLPVcoHsWriBJun8W3GUu5vJSqsbl9hgxUMd5AKX5JovRwochgtlQE50dKGpYtXFDtRzxFWohtxmFK380BdrBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab793a168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
latoblack.b27ffecc.woff
glavred.info/build/fonts/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/latoblack.b27ffecc.woff
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a06636a206691621ef22b7433b612d25654f97da6c47416d9375e25d2f26427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/latoblack.b27ffecc.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1380102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
54344
cf-request-id
0a977d1f310000168d30920000000001
last-modified
Fri, 17 Jan 2020 14:33:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iK7%2FGakrkxgfbC8Xlx9JIjPcQB%2BpKQSKl6G%2BOoCRrEe%2B3m3RdLpdab0eexwkNx1F51k5Fiw7WIi0i6mcENvzX1g3ayj0EwuXs%2B%2F%2BmNS%2FLL83qxnTHovesvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab7943168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
icomoon.2f4a995a.woff
glavred.info/build/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/icomoon.2f4a995a.woff
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1022331ae86fd1238c175b3beb5d01d5a2338464a0d0625ad5fc08b32472309e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/icomoon.2f4a995a.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1380102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19184
cf-request-id
0a977d1f310000168d28153000000001
last-modified
Fri, 17 Jan 2020 12:47:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ur3r3XyZkEdL5A7Vat09kZdbMb6zBtaSsQWrE5btSPt1IU6WHjCZD%2BuQpejd9%2FgjqVCSrALV%2FtdpFcML35AglACCovuYcD3E9qvYuRnxVAfcYP15%2BeFxxlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab7942168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.8a8c0474.woff2
glavred.info/build/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/fa-solid-900.8a8c0474.woff2
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/fa-solid-900.8a8c0474.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1383072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
50372
cf-request-id
0a977d1f310000168dc73e4000000001
last-modified
Thu, 02 Aug 2018 17:16:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pDhUu4tMVmN20oUzXVIwNLC3el5ImRMsgRudfxrTigf8fQN5%2F2l4YpgqJqcKR4ffWr6of7ucj5PGLOz39tOKed%2FBX%2FmvzU6njvNob117QMcBOZuSfzqcWz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab7940168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
latosemibold.9ab55ec4.woff
glavred.info/build/fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/latosemibold.9ab55ec4.woff
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e650fde7b748c6f48495e6fa314563194333aef858db6fa4a6d3d5e19a11e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/latosemibold.9ab55ec4.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1380102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60596
cf-request-id
0a977d1f320000168d20a04000000001
last-modified
Fri, 17 Jan 2020 14:33:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=exSlGY0W%2B3R7p5z%2BLl4mYGXv3WDw3y6W0UrRvK1D0Qqn7lPXf49P%2FrPGlWoWDLHZDNa4CtRkG1pU8fcYIYWQqeEP4uXPGhEoLJ5hEqPP7XRBf%2BrZ0WkZipg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab793d168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
latoregular.1fbf86c9.woff
glavred.info/build/fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/fonts/latoregular.1fbf86c9.woff
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a40621de140fea12b04805ebabffa3a27e4a2ad7860419f39f101fa4bf53b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
hl=ru
:path
/build/fonts/latoregular.1fbf86c9.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://glavred.info
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1380102
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60888
cf-request-id
0a977d1f300000168d08146000000001
last-modified
Fri, 17 Jan 2020 14:33:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3ksmnujfTx31u9AZRm57oMxM8hnIRPYVtrm8Xgijwtr9isRGh%2Fe2OXJ0KuCC923V3HaVKde1ba1cV5HkWrOYYyY6SwlW508Npq4OGXTVvq7Z1zkVVeXLMkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ab793c168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor-styles.18cfc610823910e03364192cfd11f07a.css
glavred.info/build/ 		101 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/vendor-styles.18cfc610823910e03364192cfd11f07a.css
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e8a1e592ccef1d76d3d847220fcf3dacb9494f15c5531fe716b8cf4123a319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/vendor-styles.18cfc610823910e03364192cfd11f07a.css
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1380102
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d1f300000168dba8a5000000001
last-modified
Fri, 14 May 2021 12:58:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3kRQr3F7JzLReWQLIAL9Acn2diW3Eioc7T5J8itrAHNq%2BdO4gnqm7cx%2B%2BRWyTsmNsCdwsxaiSe6xomCcX086xBPhXI6olKeicVuuK1%2FZ5HCUSnrz0UH%2FOZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
65d297ab6934168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.6245cea4ac6ac0d5e7e8ac623821d969.css
glavred.info/build/ 		94 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd004215ea3abd8f8892a8b0954f6ec73fa1a1a018e57a027916f3547ebd6c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
525560
cf-polished
origSize=96536
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d1f330000168db0833000000001
last-modified
Fri, 04 Jun 2021 10:27:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2TwDhfBNe5S6HGr3Ix45GcDXUGY8tBTuwwss6EgDYE0YHjvmApxuSmknQNlo%2F3%2B3W1hFsadAKLiIpkJFLxXjrKqc%2B4Pj8K2Cff7b9pC6sMO3hlM7PFW2Whs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
65d297ab7946168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
1623320960-2844.JPG
images.glavred.info/2021_06/thumb_files/240x140/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2021_06/thumb_files/240x140/1623320960-2844.JPG
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e069650781d947be9a8e4279f983e2cd22ad67a95b4aabccb45ec237d7e34a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5749
cf-polished
origSize=9512, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9313
cf-request-id
0a977d20e20000f14697b45000000001
last-modified
Thu, 10 Jun 2021 10:30:29 GMT
server
cloudflare
etag
"297563e903b470ac4018e8e3d60e79d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FCmgMDl4duJgFxf7CiJaCTlIpQrMGaykLljPkeSaeJVsg228V5CGFwrbSDQOgXefryYLO25pAvqswn%2FNdkgx143zQET4BN9WNqOcCtlUW2MjVxYCAPtcrW1gytNX7he1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ae395df146-ARN
x-1p1-cdn
MISS; Thu, 10 Jun 2021 10:51:24 GMT
cf-bgj
imgq:85,h2pri
1594816207-5510.jpg
images.glavred.info/2020_07/thumb_files/240x140/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2020_07/thumb_files/240x140/1594816207-5510.jpg
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200f20452a80b8addbcb8d7df78f7048352f56387400719e1dc659f210f9ba89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6436
cf-polished
degrade=85, origSize=10575, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10310
cf-request-id
0a977d20e10000f146cebef000000001
last-modified
Thu, 10 Jun 2021 10:25:41 GMT
server
cloudflare
etag
"3c876e0ef0e2628252396cf4102337ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dDo7DTqatOE3YQ3vHrSvD55lfo2YO%2BItrwkqF5kCNIUxm1CpMke1Q83Q4l%2BzPbdP%2FUkyNvbi9rIreDmMA8pimqdt2GqV9f0QWOoDAd09TZxc1xo25C8YHO1bIKlow3RE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ae3959f146-ARN
x-1p1-cdn
MISS; Thu, 10 Jun 2021 10:39:57 GMT
cf-bgj
imgq:85,h2pri
manifest.d41d8cd98f00b204e980.js
glavred.info/build/ 		789 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/manifest.d41d8cd98f00b204e980.js
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ba341fbec7fa96dac5aef33e25a52a6e744282bba7c9d5d65de1b7e3a99e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/manifest.d41d8cd98f00b204e980.js
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1383073
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d20cd0000168dd20e1000000001
last-modified
Tue, 16 Mar 2021 13:21:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t19nnbUmKsZHvZ8S0YRRm5TEZygnRGXmciaTuuAQHmSJJLkgiaA8YUH1RWlyRyg6i1lq7SkKXOetJ1LO0hlRnwL8qhuiXfbw%2FZqXanfkTlceOT1DnHtAT3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
65d297ae18ad168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor.2e9c86e7d16c81784f8d.js
glavred.info/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/vendor.2e9c86e7d16c81784f8d.js
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b80219db45ed393a1ab9e27629d6211216986caaf482cb4ec32629f74ca9e66e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/vendor.2e9c86e7d16c81784f8d.js
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1383073
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d20d30000168d0b0c2000000001
last-modified
Tue, 16 Mar 2021 14:00:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IFetyI%2BcBwXvJGjBOZK0MSb1A2CWf3l4hU%2FApeoZ2PHQgPy4BrnZ8BuOnI7lNV3nqsMAgIRMrtJzHXobfrmbB8MYxp%2FpagTzrZzcG%2BSSyHc71zoEGzZ9Zgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
65d297ae18bc168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.f5e3aad6bb3d638ed8c7.js
glavred.info/build/ 		224 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glavred.info/build/app.f5e3aad6bb3d638ed8c7.js
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d3c78533c1bbc9bc04196133710c94e6e515942ebdc7736215766d67c1986a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/app.f5e3aad6bb3d638ed8c7.js
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
533350
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d20d90000168d2e1f0000000001
last-modified
Fri, 04 Jun 2021 08:17:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ExpveBFTxnSfyBD7tZzJFpEK%2B4zGUmwJdiizYRs6djNiBwaM4vN957sNDB8SNWzXbxWCKSj8StaujpdqtHytc56qChIlnI7l1R1HrMmYWTlT9B7ftOmCRDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cf-bgj
minify
cache-control
max-age=315360000
cf-ray
65d297ae28e5168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
widget
pogoda.unian.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pogoda.unian.net/widget?type=glavred&lang=ru
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
195.137.240.103 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
Software
nginx /
Resource Hash
84d8abb100a51588a2150eef1fc1480eb1a827b559a86b837537f29c2978b712

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:13 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
X-Cache
BYPASS; Thu, 10 Jun 2021 12:27:13 GMT
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
expires
-1
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22507043-14
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46444209f8afb6e8994e47b474c81b0906b10ff59f04fb1b64c3e667855adfb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36061
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Jun 2021 12:27:12 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65d297ae2bfb2488-FRA
cf-request-id
0a977d20d900002488429e1000000001
gtm.js
www.googletagmanager.com/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W6FPQKK
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b1ccd31e2c56cdd59ccc043102e4fb6b8d3d721071c1f425ca8aba29bf5dd43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35226
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Jun 2021 12:27:12 GMT
redtram-homepage-ru.html
glavred.info/content/ Frame 8DCD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glavred.info/content/redtram-homepage-ru.html
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e3a9656759d1e83c042f1fac92b14c3ec906532a055f59446b857050cc475b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
glavred.info
:scheme
https
:path
/content/redtram-homepage-ru.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
hl=ru
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 03 Jun 2020 15:16:04 GMT
vary
Accept-Encoding
expires
Thu, 10 Jun 2021 13:27:13 GMT
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-request-id
0a977d20de0000168dc98d0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dFzJi6Ec6Y15DDi2hWHnUuh%2BQJ3BRIrRPjGG3yclAPXK4t1vxoT5PoT8fdL2drIdw%2Ftmr%2BESHUaRoFzaqgzBE0Gta0Tgy7ZcXkSUCIR4j4XvkJu2HvjjYcM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
65d297ae28f6168d-ARN
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
glavred_light.3055a127.svg
glavred.info/build/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glavred.info/build/images/glavred_light.3055a127.svg
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4178279972eaed0f2d3dc4af667522a25f458855b7df055955e2bef786363be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/images/glavred_light.3055a127.svg
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1383073
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d20f10000168d240a2000000001
last-modified
Fri, 27 Mar 2020 12:29:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hEIZfChZi2vUOOu3ut7DeEirKaQGsgXkQnyE%2FCxSz2ZBRk%2BGvVUG4jsHpYCLAaXAWSJBrlV8dFTvglp3cEShnONLVlltjCoDkX509BeKYPwv6VtfGQnIcpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
65d297ae4956168d-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
chat-cnt.2dacd98d.png
glavred.info/build/images/ 		218 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glavred.info/build/images/chat-cnt.2dacd98d.png
Requested by
Host: glavred.info
URL: https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0804ecc8509a6fed082326a7ed73fd4c8681eade52a6e4e2947b0ee3b7bd24cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/images/chat-cnt.2dacd98d.png
pragma
no-cache
cookie
hl=ru
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
glavred.info
referer
https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
48899
cf-polished
origFmt=png, origSize=447
content-disposition
inline; filename="chat-cnt.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
218
cf-request-id
0a977d20fb0000168d949c6000000001
last-modified
Thu, 02 Aug 2018 17:16:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GFBxBkMfBuBIA0qcogxvH4cWwOMsRusxHeI1XqWSquIqLLnTsyI7SeOrlk39Qcvmy9Y5bJnVomHpMBTOB1HxMxTa%2F82aU1xCeHZS9B4psMuh1Z0ggPJJg7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297ae596c168d-ARN
cf-bgj
imgq:85,h2pri
xgemius.js
gaua.hit.gemius.pl/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
eb7c9303c1909cb61c459c12b535c69eb76ed3b08720c97a586e26b0b4ab8028

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 09:58:52 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10552
expires
Fri, 11 Jun 2021 00:27:13 GMT
5dpkkhjuz5
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/5dpkkhjuz5
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
786623e3ec647426e3dd7b68e8713e80e34959f4cca988615a9125d536decc2e

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
x-powered-by
ASP.NET
x-azure-ref
0IQXCYAAAAAAbnU5F37p9QJI3qoSEYiIuTE9OMjFFREdFMDExMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length
1037
expires
-1
web-vitals.umd.js
unpkg.com/web-vitals@1.1.1/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6FPQKK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
3747228
fly-request-id
01F4B8KNV08N7TBR9G8FAZP5D8
content-encoding
br
vary
Accept-Encoding
cf-request-id
0a977d216200004a9d5fa2a000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
65d297af0dba4a9d-FRA
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22507043-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1592
date
Thu, 10 Jun 2021 12:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 10 Jun 2021 14:00:41 GMT
hb_298309_4141.js
player.adtcdn.com/prebidlink/450924/ 		332 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Requested by
Host: glavred.info
URL: https://glavred.info/build/app.f5e3aad6bb3d638ed8c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4d36a4d43eb89ea80bfc00e408d04df95972b9d13cc01bdc0ce5272a209bea

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
461
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d219600002b719c062000000001
last-modified
Fri, 21 May 2021 08:15:44 GMT
server
cloudflare
etag
W/"60a76c30-52e9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6%2F2Zzbsq1yFC7tD6H6%2B8W8qGFOLM4zPnfcG%2FxyQdZcMUHO1JP3kHmvzxui2%2BDyogiAGwNy6NRngsGEYV0RKoVugsQ7PtsVsRF3X1Yo%2B7d51G2i7SXVKYWYxUoDstMs4s%2BLju9d416LBoExk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
65d297af5ceb2b71-FRA
expires
Thu, 10 Jun 2021 12:34:32 GMT
1594816207-5510.jpg
images.glavred.info/2020_07/thumb_files/330x200/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2020_07/thumb_files/330x200/1594816207-5510.jpg
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da18c407ee2e833f216f44f16f2fd179703919973f2493c07d0367e12e9e2f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2977
cf-polished
degrade=85, origSize=17917, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17136
cf-request-id
0a977d218d0000168deea83000000001
last-modified
Thu, 10 Jun 2021 11:31:31 GMT
server
cloudflare
etag
"eef361bf8551b5efa881d38959839dca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CMnHpS6I23CtHXmsyjmmj46L5zl5i1%2FGtNezK%2FacwEzb1JPEL%2FehuDfoj7Tdb6WEagNIzWhk9rE6xOZ4Vt5cVApcBnPjWFI9fp6bAyLrnuCaQ4ssme9mv5QCBHeEbYbZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4ccb168d-ARN
x-1p1-cdn
HIT; Thu, 10 Jun 2021 11:34:47 GMT
cf-bgj
imgq:85,h2pri
1605024554-9793.png
images.glavred.info/2020_11/thumb_files/70x70/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2020_11/thumb_files/70x70/1605024554-9793.png
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de39183001281646fcabec00cbfa96d96758ef714131a8827423453b9d59db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
22879
cf-polished
origFmt=png, origSize=8445
content-disposition
inline; filename="1605024554-9793.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6390
cf-request-id
0a977d21ad0000168d949da000000001
last-modified
Tue, 10 Nov 2020 16:09:20 GMT
server
cloudflare
etag
"a7c7b4b2ff5cc6f4c8f0b64020a3ac20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GWZNZRD7j1esJQCce5XPaLcAA4OTlavxRxZmUgW95km98t6kfFoG0qeQyly0Prs86VT%2Fd8gKvzqLz5BkR6iLwor4U4UEJtoXTaz1arI47Q5NyV7ap7wr7KkHsw1npfj6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cd0168d-ARN
x-1p1-cdn
HIT; Thu, 10 Jun 2021 05:55:19 GMT
cf-bgj
imgq:85,h2pri
1533289401-4926.png
images.glavred.info/2018_08/thumb_files/70x70/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2018_08/thumb_files/70x70/1533289401-4926.png
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e377f09c9259c076c5cc20b22aaf832fca3fab3ddec8fc7f62403d0b507e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
33522
cf-polished
origFmt=png, origSize=7757
content-disposition
inline; filename="1533289401-4926.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5356
cf-request-id
0a977d218e0000168deea84000000001
last-modified
Fri, 03 Aug 2018 09:43:24 GMT
server
cloudflare
etag
"091a73aa92064858e0964459313bb10d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KxEZ2PgDBaMkiBZ%2FqGa6fNmAa0xIm8E4IN%2BuuQRkITXfgJDAPRQOG%2BQfIM18AgQRA3vsbJVAxyiMyyAAAwH6YZZSgpEz5sh0fMogrf1NjpngyKmGwn%2F3i81A9Keleh97"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cd2168d-ARN
x-1p1-cdn
MISS; Thu, 10 Jun 2021 03:08:31 GMT
cf-bgj
imgq:85,h2pri
1569400712-8090.png
images.glavred.info/2019_09/thumb_files/70x70/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2019_09/thumb_files/70x70/1569400712-8090.png
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60c81511352b14c637a546fbb9020479b48322f8c4aeffb1a6850db25dac6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
68917
cf-polished
origFmt=png, origSize=7079
content-disposition
inline; filename="1569400712-8090.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5056
cf-request-id
0a977d218e0000168deea85000000001
last-modified
Wed, 25 Sep 2019 08:39:01 GMT
server
cloudflare
etag
"8876870bc7fe8a25340069e782f75984"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oG5i8uRltcjbVWLMt3ahvlT4MnCUncNLcQIj2yMR6rkhUahtomTNvpNtj%2BJZRZYGYUn0EMTyYLPucaLpUuyptFapY0%2BCTPvxJDstwxteg6CuklIo%2F2uNdfObe8aKpo2%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cd4168d-ARN
x-1p1-cdn
HIT; Wed, 09 Jun 2021 17:16:33 GMT
cf-bgj
imgq:85,h2pri
1533292758-2310.png
images.glavred.info/2018_08/thumb_files/70x70/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2018_08/thumb_files/70x70/1533292758-2310.png
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9efc156ebc91bf2cfe71a8d27e4633dc1cf86bafe902d582b3aee00635f419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
108006
cf-polished
origFmt=png, origSize=7887
content-disposition
inline; filename="1533292758-2310.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5580
cf-request-id
0a977d218e0000168deea86000000001
last-modified
Fri, 03 Aug 2018 10:39:21 GMT
server
cloudflare
etag
"6411077e2a59a33edfcba6db0b736526"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ezkfHnJmh6mOelKueEnGYBE%2BMnAceowq95WravIaOc2BTtHN3sA%2F4CYhQb%2Fh8Kj9FMg3Ha9K5KyXNAPtoUj5pgbQ27im9Ue%2FWanY3t99flj4pUvxB87dMRzjtYO%2BCxPR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cd5168d-ARN
x-1p1-cdn
MISS; Wed, 09 Jun 2021 06:27:07 GMT
cf-bgj
imgq:85,h2pri
1609338175-8114.png
images.glavred.info/2020_12/thumb_files/70x70/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2020_12/thumb_files/70x70/1609338175-8114.png
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165ef1b5a5dcc599b66d2d33b5dcc87467da6bbbe2a101f305466877972e631c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
326662
cf-polished
origFmt=png, origSize=7737
content-disposition
inline; filename="1609338175-8114.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5848
cf-request-id
0a977d218f0000168d271cd000000001
last-modified
Wed, 30 Dec 2020 14:23:07 GMT
server
cloudflare
etag
"875e6d77effdeeccb8a832b36dca3f7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ANT0fPFb4qIXtjjtVZeJMop6sNMQv%2BYxLm05lngsHArrS9HfwjEAJwOTi3%2F5Nchv1EXW1HM5abu1vmfzHViYu6mCNMQia12Pmj7Z2anxR5QLPgBPcAmnbh8X6kGfzPCI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cd8168d-ARN
x-1p1-cdn
MISS; Sun, 06 Jun 2021 17:42:51 GMT
cf-bgj
imgq:85,h2pri
1623155370-4668.JPG
images.glavred.info/2021_06/thumb_files/330x200/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2021_06/thumb_files/330x200/1623155370-4668.JPG
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5837a015fb04ecd3a24c2c4ca20aaccfc2d3a1756da6b25b269f1c81c0b7e47f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
86214
cf-polished
qual=85, origFmt=jpeg, origSize=12132
content-disposition
inline; filename="1623155370-4668.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9702
cf-request-id
0a977d218f0000168d2819c000000001
last-modified
Wed, 09 Jun 2021 12:27:04 GMT
server
cloudflare
etag
"b101bc86f226f4fd436865a6a3965157"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O01Vh7NvVSD4zO%2FtbALH1VC6zVJmbZaNjg8F9utfwtkZ2G296UlPABrJ9jaKgEnFUJ9aH10t5ymUJdJrc0AZ2EEET7vqwFemYKBNe4W3eqzLNkB4iNyxNTTYU5jarPUy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cd9168d-ARN
x-1p1-cdn
HIT; Wed, 09 Jun 2021 12:27:08 GMT
cf-bgj
imgq:85,h2pri
1622840660-2338.JPG
images.glavred.info/2021_06/thumb_files/330x200/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.glavred.info/2021_06/thumb_files/330x200/1622840660-2338.JPG
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff3c8801bb08071ccded02a234842005c8047a17dd7cdc7794c9cf2e7f425eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
46829
cf-polished
qual=85, origFmt=jpeg, origSize=11390
content-disposition
inline; filename="1622840660-2338.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9770
cf-request-id
0a977d21910000168d211b6000000001
last-modified
Tue, 08 Jun 2021 07:13:45 GMT
server
cloudflare
etag
"5375782e225fadce9ea1c8a0a93e9747"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nnHWENSCMGJeEkY3MZCMD0uIyfZkhsoNtjPVZt4PGVTA1XYSrkOqmkKP3hGJ2y630l8SaeHWrDEIQQ7PIfexnFR%2BpKX%2BoTbdIBbZt8FPUqNV%2FLFOoeFH1n%2F%2FBArfaOlN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65d297af4cda168d-ARN
x-1p1-cdn
MISS; Wed, 09 Jun 2021 23:26:44 GMT
cf-bgj
imgq:85,h2pri
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1768882602&t=pageview&_s=1&dl=https%3A%2F%2Fglavred.info%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B7%D0%B0%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B9%20%D1%87%D0%B0%D1%81%20%D0%BD%D0%B0%20%D0%93%D0%BB%D0%B0%D0%B2%D1%80%D0%B5%D0%B4.%20%D0%90%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5%20%D0%B7%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D1%80%D0%B5%D0%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=439822908&gjid=600096161&cid=1598728917.1623328033&tid=UA-22507043-14&_gid=1662206519.1623328033&_r=1&gtm=2ou690&z=998648118
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1768882602&t=event&ni=1&_s=1&dl=https%3A%2F%2Fglavred.info%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B7%D0%B0%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B9%20%D1%87%D0%B0%D1%81%20%D0%BD%D0%B0%20%D0%93%D0%BB%D0%B0%D0%B2%D1%80%D0%B5%D0%B4.%20%D0%90%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5%20%D0%B7%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D1%80%D0%B5%D0%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v1-1623328033149-2982144730625&ev=1118&_u=YEDAAUABAAAAAC~&jid=200932584&gjid=1495860991&cid=1598728917.1623328033&tid=UA-22507043-14&_gid=1662206519.1623328033&_r=1&gtm=2wg621W6FPQKK&z=811504202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=439822908&gjid=600096161&_gid=1662206519.1623328033&_u=YEBAAUAAAAAAAC~&z=1429338841
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Jun 2021 12:27:13 GMT
content-type
text/plain
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=200932584&gjid=1495860991&_gid=1662206519.1623328033&_u=YEDAAUABAAAAAC~&z=1773263222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Jun 2021 12:27:13 GMT
content-type
text/plain
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=439822908&_u=YEBAAUAAAAAAAC~&z=757029047
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=439822908&_u=YEBAAUAAAAAAAC~&z=757029047
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=200932584&_u=YEDAAUABAAAAAC~&z=1162375403
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=200932584&_u=YEDAAUABAAAAAC~&z=1162375403
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 8DCD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: glavred.info
URL: https://glavred.info/content/redtram-homepage-ru.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65d297af9f012488-FRA
cf-request-id
0a977d21ba000024884f030000000001
/
newscode.online/ru/35958/ Frame 8DCD 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newscode.online/ru/35958/
Requested by
Host: glavred.info
URL: https://glavred.info/content/redtram-homepage-ru.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.71 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5d69cce486af16a29a1227b693b0394fc67bc989de18803fef40a942c8101165

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
last-modified
Mon, 07 Jun 2021 07:36:02 GMT
server
nginx/1.18.0
etag
W/"60bdcc62-41d8"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
expires
Thu, 17 Jun 2021 12:27:13 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: glavred.info
URL: https://glavred.info/build/app.f5e3aad6bb3d638ed8c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
d4fbef821f302dedcda65778b1cc462affdc02fd826a6fc9162512d2a17a3d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"898 / 379 of 1000 / last-modified: 1623323450"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21409
x-xss-protection
0
expires
Thu, 10 Jun 2021 12:27:13 GMT
clarity.js
www.clarity.ms/vmss-eus2/s/0.6.13/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/vmss-eus2/s/0.6.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5dpkkhjuz5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
65273119e256096ceca5b848928dd7f731ed42c6bfdeb132950ca9a34a98d374

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-encoding
br
etag
"1d756572db92087"
last-modified
Mon, 31 May 2021 19:57:26 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
public,max-age=86400
x-azure-ref
0IQXCYAAAAAA9YC491dV2SI4dwI9EnDVETE9OMjFFREdFMDExMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
content-length
20127
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=CB776C090B534C5DACDF06B7FCC77BF2&RedC=c.clarity.ms&MXFR=01A488BD0CDB62DF3AD598EF08DB6CED
  • https://c.clarity.ms/c.gif?CtsSyncId=CB776C090B534C5DACDF06B7FCC77BF2&MUID=0BA901B3C6216BCD0D8B11E1C7096AF6
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=CB776C090B534C5DACDF06B7FCC77BF2&MUID=0BA901B3C6216BCD0D8B11E1C7096AF6
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:12 GMT
x-msedge-ref
Ref A: 288824D91DDE4B35BB5D10B109364747 Ref B: STOEDGE0921 Ref C: 2021-06-10T12:27:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=CB776C090B534C5DACDF06B7FCC77BF2&MUID=0BA901B3C6216BCD0D8B11E1C7096AF6
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
fpdata.js
gaua.hit.gemius.pl/ 		281 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=glavred.info
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
0b545f6428aa74aea62b2a34d46ef39e8379c6b6396857bfce4c988b8aaba9f7

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Sat, 10 Jul 2021 12:27:13 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1623328033436/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1623328033436/rexdot.js?l=100&id=d1NFzYLYNdptucaHXKZFwJQ5zeBizicUR5LHJFfkvs7.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglavred....
  • https://gaua.hit.gemius.pl/__/_1623328033436/rexdot.js?l=100&id=d1NFzYLYNdptucaHXKZFwJQ5zeBizicUR5LHJFfkvs7.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglavr...
169 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1623328033436/rexdot.js?l=100&id=d1NFzYLYNdptucaHXKZFwJQ5zeBizicUR5LHJFfkvs7.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglavred.info%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QAgVJBQOypAODIf88ipAFkotGI4ZSFppHLfcAEA0GIP.H7&vis=1
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
01b7db03e4cc483b339161ef7ad1deae41bb10bb5bc0ab1ea7f6c8331cd5c342

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Wed, 09 Jun 2021 12:27:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1623328033436/rexdot.js?l=100&id=d1NFzYLYNdptucaHXKZFwJQ5zeBizicUR5LHJFfkvs7.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglavred.info%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QAgVJBQOypAODIf88ipAFkotGI4ZSFppHLfcAEA0GIP.H7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Wed, 09 Jun 2021 12:27:13 GMT
2485.gif
rus.redtram.com/px/ Frame 8DCD 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rus.redtram.com/px/2485.gif?referrer=https%3A%2F%2Fglavred.info%2F&v=1623328033482
Requested by
Host: glavred.info
URL: https://glavred.info/content/redtram-homepage-ru.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 25 Apr 1986 22:23:46 GMT
pubads_impl_2021060901.js
securepubads.g.doubleclick.net/gpt/ 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 08:43:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116890
x-xss-protection
0
expires
Thu, 10 Jun 2021 12:27:13 GMT
wrapper_hb_298309_4141.js
player.adtcdn.com/prebidlink/450924/ 		158 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Requested by
Host: glavred.info
URL: https://glavred.info/build/app.f5e3aad6bb3d638ed8c7.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86df0d602993a3dd52225390086c7b0d00119e772782adec2cd4c3cb4f256f7e

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
414
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d22e6000097f6222a8000000001
last-modified
Tue, 08 Jun 2021 17:09:40 GMT
server
cloudflare
etag
W/"60bfa454-276f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PGyyTfp%2FP6EYQ9lREJ9Tyu2e0PkC2vv69OcxhpUAilDvbLFxACaUPzwIsxNvimmk0vVFURHKsLuB5vVRv6hVqykCzOEqXV6Xys6olhjsCIRlvIE3RjeQ%2Fa13QipNHSPls2FrWGpzgdYOkUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
65d297b16dd497f6-FRA
expires
Thu, 10 Jun 2021 12:35:19 GMT
tracking
ghb.adtelligent.com/adunit/ 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4141&full_page_url=https%3A%2F%2Fglavred.info%2F&adid=qvlj4g.gi&vpbv=0783&lifecycle_tte=1589
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://glavred.info
Date
Thu, 10 Jun 2021 12:27:12 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
csyncs
ghb.adtelligent.com/ 		875 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=437382&aid2=437383&aid3=443025&aid4=607661&aid5=638043&aid6=undefined
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
5688bcb0868115238da11f699bd578b9f69a6f4151909e2688cff4e9b1cc1075

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:12 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://glavred.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
390
sync.html
s.console.adtarget.com.tr/ Frame 431B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f1cda8a73a221c2395d99dd2b4888f98744674b9ea46603cf8b3663e53203466

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://glavred.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

Server
VertaMedia 1.0
Date
Thu, 10 Jun 2021 12:27:13 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
947
Access-Control-Allow-Origin
https://glavred.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.adtelligent.com/ Frame 7054
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=cc4552cd-e476-44b7-b964-8e45288ae348
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=cc4552cd-e476-44b7-b964-8e45288ae348
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://glavred.info/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=d0a6b98f31ab3239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

Server
VertaMedia 1.0
Date
Thu, 10 Jun 2021 12:27:13 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=d0a6b98f31ab3239; expires=Wed, 11 Aug 2021 12:27:14 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=cc4552cd-e476-44b7-b964-8e45288ae348; expires=Wed, 11 Aug 2021 12:27:14 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie
viewer_token=cc4552cd-e476-44b7-b964-8e45288ae348; path=/; domain=csync.loopme.me; Expires=Sat, 10-Jul-2021 12:27:13 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=cc4552cd-e476-44b7-b964-8e45288ae348
content-length
0
date
Thu, 10 Jun 2021 12:27:13 GMT
server
_
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
Date
Thu, 10 Jun 2021 12:27:13 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
127
x-xss-protection
1; mode=block
expires
-1
rum
glavred.info/cdn-cgi/ Frame 8DCD 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://glavred.info/cdn-cgi/rum?req_id=65d297ae28f6168d
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
hl=ru; _ga=GA1.2.1598728917.1623328033; _gid=GA1.2.1662206519.1623328033; _gat_gtag_UA_22507043_14=1; _gat_UA-22507043-14=1; _clck=1frkhp0; __gfp_64b=QAgVJBQOypAODIf88ipAFkotGI4ZSFppHLfcAEA0GIP.H7|1623328033
content-length
2056
:path
/cdn-cgi/rum?req_id=65d297ae28f6168d
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/content/redtram-homepage-ru.html
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://glavred.info/content/redtram-homepage-ru.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://glavred.info
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
65d297b2ee92168d-ARN
vary
Origin
config.json
player.adtelligent.com/exchange_rates/298308/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2Fglavred.info%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d47ca76fa8719d4bf02a4a3bda62949c6556f54a5d52e4795b902e7b5a5f17e2

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 12:01:07 GMT
server
nginx
etag
W/"60c1ff03-1191"
content-type
application/json
access-control-allow-origin
https://glavred.info
expires
Thu, 10 Jun 2021 13:27:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16600b031f7e2e59efe4b96a23e07fb4a56b411833e73070c1c8b60bc7116cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 11:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5871
x-xss-protection
0
server
cafe
etag
12272712123306252075
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Jun 2021 12:29:03 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglavred.info%2F&domain=glavred.info&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://glavred.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://glavred.info
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2345
date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fglavred.info%2F&domain=glavred.info&cw=1
  • https://mug.criteo.com/sid?cpp=hPs2YHxnU1lSS05RWWordlNOeVRHVGh1TkJjYVpDZ1NPbHZoQVE1R2VkOTQ5bXQyblJYckMrMkloV21BbFlFdHR1TE9nREEzNEl1dFRoRC8zL3V2L1lLTGppQmsxVTJHTHFoSGttY04wU2Q5a1gvNUdtZFdrVU5UQ1ZoTV...
353 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hPs2YHxnU1lSS05RWWordlNOeVRHVGh1TkJjYVpDZ1NPbHZoQVE1R2VkOTQ5bXQyblJYckMrMkloV21BbFlFdHR1TE9nREEzNEl1dFRoRC8zL3V2L1lLTGppQmsxVTJHTHFoSGttY04wU2Q5a1gvNUdtZFdrVU5UQ1ZoTVVZaGtFc1lHclUrMzFYN0tSdDgvZUxrRUhNZEhMK3RzTk53N2dzcWVOL09VNXZURE54Yi9oZDV4bHl2ZVpiMU5hZDh4VlJRMFVvSzZZQTVrTThJNzdqNEIwdDRyaXpvdjBWZ1lDNUZWS3BVRHFtU1dJS0RjPXw&cppv=2
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0e5f578fb70950e87d859a76be01e085d489189c9e73ab343e2fe835de30e2f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 10 Jun 2021 12:27:14 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2271
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Jun 2021 12:27:13 GMT
location
https://mug.criteo.com/sid?cpp=hPs2YHxnU1lSS05RWWordlNOeVRHVGh1TkJjYVpDZ1NPbHZoQVE1R2VkOTQ5bXQyblJYckMrMkloV21BbFlFdHR1TE9nREEzNEl1dFRoRC8zL3V2L1lLTGppQmsxVTJHTHFoSGttY04wU2Q5a1gvNUdtZFdrVU5UQ1ZoTVVZaGtFc1lHclUrMzFYN0tSdDgvZUxrRUhNZEhMK3RzTk53N2dzcWVOL09VNXZURE54Yi9oZDV4bHl2ZVpiMU5hZDh4VlJRMFVvSzZZQTVrTThJNzdqNEIwdDRyaXpvdjBWZ1lDNUZWS3BVRHFtU1dJS0RjPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1625
content-length
482
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glavred.info
date
Thu, 10 Jun 2021 12:27:13 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
/
ghb.adtelligent.com/v2/auction/ 		643 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
d24c5180cf20943db33a2ac8fb538e0cbc4d1c5d4269f4c9386705a226ef8f84

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Jun 2021 12:27:12 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://glavred.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
379
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d0387141074ef90a3397602dfe70127be8e706c161977b02068fa3a3e9f815d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:13 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
3661a83d-0c9e-4790-856d-ee0a3d784d9b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://glavred.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		241 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
53a7aed76d8b17b24f2cbd51d3da576b4d3a9ada4a9a22b56be58dca87f8a173

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Jun 2021 12:27:12 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://glavred.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
147
cdb
bidder.criteo.com/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0-1&cb=16727663895
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glavred.info
date
Thu, 10 Jun 2021 12:27:13 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.1.1.aspx
inv-nets.admixer.net/ 		42 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22id%22:17236,%22name%22:%22Dentsu_Halfscreen%22,%22adapter_id%22:779,%22type%22:%22display%22,%22bidder%22:%22admixer%22,%22entityId%22:10370,%22geo%22:{%22type%22:%22block%22,%22list%22:{},%22skipGeo%22:true},%22isMarket%22:false,%22params%22:{%22zone%22:%229c5ac4fd-5e54-41a1-abaa-9b5d75ba6e85%22},%22minViewWithDfp%22:0,%22noR%22:0,%22overrideId%22:3097618,%22labels%22:[],%22validLabelIds%22:[],%22userId%22:{%22pubcid%22:%227f40bccb-8e9f-4767-9604-3c22f6820fcd%22},%22userIdAsEids%22:[{%22source%22:%22pubcid.org%22,%22uids%22:[{%22id%22:%227f40bccb-8e9f-4767-9604-3c22f6820fcd%22,%22atype%22:1}]}],%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[1440,180]]}},%22adUnitCode%22:%22api-gpt-catfish-wrapper%22,%22transactionId%22:%2278f71daf-ab42-4f42-b92b-ae560e383a50%22,%22sizes%22:[[1440,180]],%22bidId%22:%2215d15de4a6300cf%22,%22bidderRequestId%22:%22148ad5908cab092%22,%22auctionId%22:%22qvljbn.4g%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0}],%22referrer%22:%22https%3A%2F%2Fglavred.info%2F%22}
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Jun 2021 12:27:13 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://glavred.info
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
adjson
ads.betweendigital.com/ 		2 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
adtelligent-d.openx.net/w/1.0/ 		172 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fglavred.info%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=78f71daf-ab42-4f42-b92b-ae560e383a50%2C3186e187-f35e-492b-8048-75330181685f&nocache=1623328033837&pubcid=7f40bccb-8e9f-4767-9604-3c22f6820fcd&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=1440x180%7C300x600&divIds=api-gpt-catfish-wrapper%2Cbanner-ad-1&auid=541177132%2C541177132
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
24c9edecbbea52c50a4f237fcfe0376256f1242d843a7c760a71537d8c9c2f99

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://glavred.info
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		325 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:631d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2d777bcb8ecfb610a470bb90d3f2f30ad1c8ed7fe59bdb79b005372f74ad80

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2443000016e6b6930000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ByKUcPMadTN3zPm58v%2FNM9CvhXTkwEKgTRe1ROqQAE7pBXkN678QpEALH2PmeAMS3eBQXeyhXbfYVZmqqUMsgA0FCqBd1gMg4v0MCDxrO%2B1orABIWN6sFTquw1ixoFsBTMxh72nE5YpsjGElXUuG5H4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297b3993c16e6-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48990&zone_id=1807062&size_id=10&rp_schain=1.0,1!adtelligent.com,298309,1,,,&eid_pubcid.org=7f40bccb-8e9f-4767-9604-3c22f6820fcd%5E1&rf=https%3A%2F%2Fglavred.info%2F&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=3186e187-f35e-492b-8048-75330181685f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25563165221307105
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6628f4531015922c3e4f550d0cf084ce923a6122e87d1d1a342ff0764583e0c0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:14 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://glavred.info
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ghb2.adtelligent.com/v2/auction/ 		361 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f17f143f0f7f159ad47c74f5b9868343ef7467e2fb2f56d76e8ead4d32028b2d

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Jun 2021 12:27:13 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://glavred.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
175
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hPs2YHxnU1lSS05RWWordlNOeVRHVGh1TkJjYVpDZ1NPbHZoQVE1R2VkOTQ5bXQyblJYckMrMkloV21BbFlFdHR1TE9nREEzNEl1dFRoRC8zL3V2L1lLTGppQmsxVTJHTHFoSGttY04wU2Q5a1gvNUdtZFdrVU5UQ1ZoTVVZaGtFc1lHclUrMzFYN0tSdDgvZUxrRUhNZEhMK3RzTk53N2dzcWVOL09VNXZURE54Yi9oZDV4bHl2ZVpiMU5hZDh4VlJRMFVvSzZZQTVrTThJNzdqNEIwdDRyaXpvdjBWZ1lDNUZWS3BVRHFtU1dJS0RjPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1160
date
Thu, 10 Jun 2021 12:27:13 GMT
content-encoding
gzip
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 55CD 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=170702
expires
Sat, 12 Jun 2021 11:52:16 GMT
date
Thu, 10 Jun 2021 12:27:14 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 07D0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:4a00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

:method
GET
:authority
js.adscale.de
:scheme
https
:path
/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Wed, 02 Jun 2021 04:52:00 GMT
x-amz-version-id
PrxfzkfOycpkP6dzd0FWzZeWCMor9ul2
server
AmazonS3
content-encoding
br
date
Thu, 10 Jun 2021 10:52:02 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8e7f8d6c351ed6517ae551a94de97acb.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
Ud0Cc4G3VyAaS6l2pEMzYD216VYQNsxqQfdQpkFJIV8G_twxX5UhTw==
age
5713
cookie
cm.adform.net/ Frame 4093 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Thu, 10 Jun 2021 12:27:14 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 64A6 		251 B
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-194.datapacket.com
Software
BunnyCDN-DE1-713 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-713
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
RO
cdn-edgestorageid
601
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-06-08 21:27:33
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
4b9348e7ad2ad07cd68b14af29f17180
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame 79FD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
979083f6bf899e9c0502dc85534d8b35d930dffd7272638200f2e51e7006d035

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=d0a6b98f31ab3239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Thu, 10 Jun 2021 12:27:13 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
810
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.console.adtarget.com.tr/ Frame 879F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1uZjZdyPuZNNEBQIFQk4&pi=admatic&tc=1
86 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1uZjZdyPuZNNEBQIFQk4&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Thu, 10 Jun 2021 12:27:14 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=05166c263995640a; expires=Wed, 11 Aug 2021 12:27:15 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=1uZjZdyPuZNNEBQIFQk4; expires=Wed, 11 Aug 2021 12:27:15 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Thu, 10 Jun 2021 12:27:14 GMT Thu, 10 Jun 2021 12:27:14 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1uZjZdyPuZNNEBQIFQk4&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame EC81
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
204bc8db977c1c721fc7196a3ac9830f9a286d4629c0e2d1b95a9cccca0f63fe

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Thu, 10 Jun 2021 12:27:14 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=ABxeWzrge69KvDA2; path=/; domain=e-planning.net; expires=Thu, 08-Jun-2028 12:27:14 GMT; SameSite=None; Secure
expires
Thu, 10 Jun 2021 12:27:14 GMT
x-sid
AMS-731
content-encoding
gzip

Redirect headers

server
openresty
date
Thu, 10 Jun 2021 12:27:14 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-731
csync
sync.console.adtarget.com.tr/ Frame 431B
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-9471156b-fbb0-472c-a2ae-669aec23e808
86 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-9471156b-fbb0-472c-a2ae-669aec23e808
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

location
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-9471156b-fbb0-472c-a2ae-669aec23e808
date
Thu, 10 Jun 2021 12:27:14 GMT
server
Apache-Coyote/1.1
content-length
0
csync
sync.adtelligent.com/ Frame 431B
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05166c263995640a
86 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05166c263995640a
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05166c263995640a
Date
Thu, 10 Jun 2021 12:27:14 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
uu
ih.adscale.de/ Frame 07D0
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1623328034
  • https://ih.adscale.de/uu?cbfn=receive&t=1623328034&nut&uu=281d5d716d0743c3abbfa72e5e92c656
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1623328034&nut&uu=281d5d716d0743c3abbfa72e5e92c656
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcc7885017e124e265f193b7854d69f7702c925f0410bf194ce173d83ca85aa3

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1623328034&nut&uu=281d5d716d0743c3abbfa72e5e92c656
date
Thu, 10 Jun 2021 12:27:14 GMT
content-length
0
/
onetag-sys.com/usync/ Frame 51F8 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=59a18369e249bfb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set csync
sync.adtelligent.com/ Frame EB68
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adtelligent
  • https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=1uZjZdyPuZNNEBQIFQk4&pi=adtelligent
86 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=1uZjZdyPuZNNEBQIFQk4&pi=adtelligent
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.adtelligent.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=d0a6b98f31ab3239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

Server
VertaMedia 1.0
Date
Thu, 10 Jun 2021 12:27:13 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=d0a6b98f31ab3239; expires=Wed, 11 Aug 2021 12:27:14 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a307355=1uZjZdyPuZNNEBQIFQk4; expires=Wed, 11 Aug 2021 12:27:14 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

date
Thu, 10 Jun 2021 12:27:14 GMT Thu, 10 Jun 2021 12:27:14 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=1uZjZdyPuZNNEBQIFQk4&pi=adtelligent
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
csync
sync.adtelligent.com/ Frame 79FD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=172250846410868264
86 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=172250846410868264
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:14 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
b6d0372e-2a73-45c3-b60b-54b963786cd0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=172250846410868264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 79FD
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d0a6b98f31ab3239
Date
Thu, 10 Jun 2021 12:27:13 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
csync
sync.console.adtarget.com.tr/ Frame 79FD
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=d0a6b98f31ab3239
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=d0a6b98f31ab3239
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=d0a6b98f31ab3239
Date
Thu, 10 Jun 2021 12:27:13 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.se/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=glavred.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=glavred.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=336438710197889&correlator=3308725291257036&output=ldjh&impl=fifs&eid=31061161%2C31061278%2C31061289%2C31061413%2C21064369%2C31061150%2C31061200&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=82479101%2CGlavred.info%2CGlavred_CatFish%2CGlavred_Premium1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1440x180%2C300x600&prev_scp=PageType_Glavred%3D%257Bsubdomain%257D%26PageRubric_Glavred%3Dempty%26excl_cat%3DPREPOST%7CPageType_Glavred%3Dmain%26PageRubric_Glavred%3Dempty%26excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623328034&dt=1623328034137&dlt=1623328032395&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C1100&adys=-9%2C254&adks=387469368%2C2091012187&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&url=https%3A%2F%2Fglavred.info%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C300x-1&msz=0x-1%7C300x-1&ga_vid=1598728917.1623328033&ga_sid=1623328034&ga_hid=1768882602&ga_fc=false&fws=2%2C0&ohw=0%2C0&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4452f686956e6b99b6de4bc75f611be2d4aba880ef2edce38111a5eddaf5c872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20149
x-xss-protection
0
google-lineitem-id
-1,5443473053
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138319192146
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://glavred.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 892C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 10 Jun 2021 12:27:14 GMT
expires
Fri, 10 Jun 2022 12:27:14 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bundle.js
cdn.admatic.com.tr/user/ Frame 64A6 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-194.datapacket.com
Software
BunnyCDN-DE1-713 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
br
cdn-edgestorageid
601
cdn-storageserver
DE-51
cdn-cachedat
2021-06-08 21:27:55
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
ae93940d49ea7d2b30948a25f7070089
cdn-requestcountrycode
RO
cdn-requestpullsuccess
True
showad.js
ads.pubmatic.com/AdServer/js/ Frame 523C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=151885
expires
Sat, 12 Jun 2021 06:38:39 GMT
date
Thu, 10 Jun 2021 12:27:14 GMT
vary
Accept-Encoding
um
u-ams02.e-planning.net/ Frame EC81
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D26681ece3803b4fc
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=26681ece3803b4fc
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=26681ece3803b4fc
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:14 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=26681ece3803b4fc
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame EC81
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4398024727
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4398024727
  • https://sync.1rx.io/usersync/tradedesk/7ea3541b-c225-47e6-a39d-a3c979e7a65c
  • https://sync.targeting.unrulymedia.com/csync/RX-4939d40c-c89d-4a52-8ff3-79bd29704893-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-4939d40c-c89d-4a52-8ff3-79bd29704893-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-4939d40c-c89d-4a52-8ff3-79bd29704893-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-4939d40c-c89d-4a52-8ff3-79bd29704893-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-4939d40c-c89d-4a52-8ff3-79bd29704893-003&dc=1079cc634ca638f8&iss=1
date
Thu, 10 Jun 2021 12:27:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4939d40cc89d4a528ff379bd29704893003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame EC81 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 09 Jun 2026 12:27:14 GMT
tm60118.js
tag.navdmp.com/ Frame EC81 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1015
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
0a977d25f100006383fa350000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
65d297b64b876383-FRA
expires
Thu, 10 Jun 2021 13:10:19 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame EC81 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 09 Jun 2026 12:27:14 GMT
um
u-ams02.e-planning.net/ Frame EC81
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D26681ece3803b4fc%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=26681ece3803b4fc&uid=95320c5d-9e87-4b79-a75e-34df13fefebd
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=26681ece3803b4fc&uid=95320c5d-9e87-4b79-a75e-34df13fefebd
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:21 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:21 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=26681ece3803b4fc&uid=95320c5d-9e87-4b79-a75e-34df13fefebd
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
bsfhu5mskg9djfseblaiira7r23v6gd3
ptag
a.audrte.com/ Frame EC81 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.82.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5667b0468b4473759479e94a71d2702eb1cc871e557357863538ef9cafdc5d22

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:15 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame EC81 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 09 Jun 2026 12:27:14 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame EC81 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D26681ece3803b4fc%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame EC81
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D26681ece3803b4fc
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Thu, 10 Jun 2021 12:27:14 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame EC81
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D26681ece3803b4fc%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=26681ece3803b4fc&uid=172250846410868264
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=26681ece3803b4fc&uid=172250846410868264
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:14 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid
d37dcefa-f0a3-4fae-bbf0-1a00db6d5436
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=26681ece3803b4fc&uid=172250846410868264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame EC81 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D26681ece3803b4fc%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame EC81
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-qg3u179E2uEU6LLxFFrFkIyoenOG2W5OWQGIjeM-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-qg3u179E2uEU6LLxFFrFkIyoenOG2W5OWQGIjeM-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:19 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Thu, 10 Jun 2021 12:27:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-qg3u179E2uEU6LLxFFrFkIyoenOG2W5OWQGIjeM-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame EC81
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D26681ece3803b4fc%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=26681ece3803b4fc&uid=f2630b9ed904010396315b2dd32c653c232eff14
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=26681ece3803b4fc&uid=f2630b9ed904010396315b2dd32c653c232eff14
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=26681ece3803b4fc&uid=f2630b9ed904010396315b2dd32c653c232eff14
Date
Thu, 10 Jun 2021 12:27:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
um
u-ams02.e-planning.net/ Frame EC81
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D26681ece3803b4fc
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26681ece3803b4fc&uid=020000001D05C260A424EF4802D512B9
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26681ece3803b4fc&uid=020000001D05C260A424EF4802D512B9
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=26681ece3803b4fc&uid=020000001D05C260A424EF4802D512B9
date
Thu, 10 Jun 2021 12:27:09 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame EC81 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 4DE4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KPQVLJI0-1A-564C; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOaCtjBo4SZbxOggbrIGePGKPQsSedLiI5+6kXB+stFOgDgupFyicA0miR16t7lELim1UyhM5ZM7bR0169gWtCL9ZNMX8SL/RMjCUbvnYwX9hUy4=; ses10=; vis10=48990^1; audit=1|naVuGyos1qrf3LmeVNSULsgLD1fHs1oE+sDn1grDZFLQZtuT8Z2DrFyb2FhpuRrpkD7l/kAx5Ur9Kel6TaCVbbKpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Jun 2021 12:27:16 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Thu, 10 Jun 2021 12:27:15 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F41 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D26681ece3803b4fc%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D26681ece3803b4fc%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=170702
expires
Sat, 12 Jun 2021 11:52:16 GMT
date
Thu, 10 Jun 2021 12:27:14 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 523C 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54329700&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:12 GMT
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame E30C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D26681ece3803b4fc%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D26681ece3803b4fc%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D26681ece3803b4fc%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=151885
expires
Sat, 12 Jun 2021 06:38:39 GMT
date
Thu, 10 Jun 2021 12:27:14 GMT
vary
Accept-Encoding
userconnect.js
js.adscale.de/ Frame 07D0 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:4a00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qk2YZDtBUeUOoSq4Qhy4ZfQ7Zg9BAnLT
content-encoding
br
last-modified
Wed, 02 Jun 2021 04:52:00 GMT
server
AmazonS3
age
5710
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e7f8d6c351ed6517ae551a94de97acb.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Thu, 10 Jun 2021 10:52:05 GMT
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
aTJbD3JGOy1VcytfYy7Ww4QcZ8WGDKtEg-48XylwUdRp9ufnTyNyBg==
csync
sync.console.adtarget.com.tr/ Frame 07D0 		86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=281d5d716d0743c3abbfa72e5e92c656
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif
userconnect
ih.adscale.de/ Frame 07D0 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1623328034359&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame C032 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3bff7be30cce48658afdbb7c93b8f9ea6b0f0d670da03411f09d3f6693208602

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=281d5d716d0743c3abbfa72e5e92c656; cct=1623328034239
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
set-cookie
tu=4#2674771725#48~~450924~450924~1#101~~450924~450924~1#39~~450924~450924~1#40~~450924~450924~1#42~~450924~450924~1#75~~450924~450924~1#108~~450924~450924~1#63~~450924~450924~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1623328034477; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
Cookie set usermatch
ssum.casalemedia.com/ Frame 8555
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1347e4fed500a1dc88f6ffcf2127cd21b3e50c574bb2cbaf6270a220be34570

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMIFIipUuecXK9iBY1EVZAAA; CMPS=218
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|221|152|105|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1810
Expires
Thu, 10 Jun 2021 12:27:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:14 GMT
Connection
keep-alive
Set-Cookie
CMID=YMIFIipUuecXK9iBY1EVZAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 12:27:14 GMT CMPS=218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 12:27:14 GMT CMPRO=1840;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 12:27:14 GMT CMST=YMIFImDCBSIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 12:27:14 GMT CMRUM3=dd60c205222760&e660c205222760&5860c2052205a0&2760c205220b40&9860c2052205a00&f160c2052205a0&6960c2052205a0&2d60c2052205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 12:27:14 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 10 Jun 2021 12:27:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:14 GMT
Connection
keep-alive
Set-Cookie
CMID=YMIFIipUuecXK9iBY1EVZAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 12:27:14 GMT CMPS=218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 12:27:14 GMT
/
spl.zeotap.com/ Frame 2B0A 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b50d2f1d3cd73e54464d3f04b515f5327c73f67c8e429c6298b7654e6848752

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=bcc629cf-44c2-4803-7967-6c5815f79d17; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%D3%82%EB%DD%DB%CEL%248%BD%3BA%8Fa2%FA%40%25%BA%AB%03RM%1F%84_%04HPz%90N%AC%E4%A9%95%60w%19%7Ba%CD%14a96%00%7BD%D6P%98%CA%FA%E9%F6%FA%7D%D0%0C%D3%93%DB%B3%2F%40z%3C%7C%8C%81%60q%1B%95m%FF%3A%1B%5B%00v%C1%9A%D3%85%B1%E2%FB%94%5CT%0E%C2%1Dn%F8Q%0E%F8%D4%3C%10%DA%E52%21%C7%8FS%96%B1D%09%06e%E7K%19%16%EE%94%FEm%21%D8%B3%0F%CF%81%29l7%8C%86%FC%0E%08%E9%29%C45K%F4%7D%DA%CF%F6%EA%9D0%0A%E0k%DBh%16%B9%5B%14%E3%D3%CCc%9C%F3J%F2; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a977d26a900004e0ee9ab0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d297b77dd54e0e-FRA
content-encoding
br
match.js
js.adscale.de/ Frame C032 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:4a00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Hy7stwDKjWSCFshbRJl9T4nANPe7.cNc
content-encoding
br
last-modified
Wed, 02 Jun 2021 04:52:00 GMT
server
AmazonS3
age
5713
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e7f8d6c351ed6517ae551a94de97acb.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Thu, 10 Jun 2021 10:52:02 GMT
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
_9zmTnQypEZJoupZRFJD-pq3C4lgOin9QyWKYym_xbP2Tlam7ggMeA==
img
ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/ Frame C032
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=281d5d716d0743c3abbfa72e5e92c656&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=101&tpuid=BBID-01-02980420349511521-16310520
49 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=101&tpuid=BBID-01-02980420349511521-16310520
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 10 Jun 2021 12:27:14 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=101&tpuid=BBID-01-02980420349511521-16310520
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
container.html
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2815 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 10 Jun 2021 12:27:14 GMT
expires
Fri, 10 Jun 2022 12:27:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D33 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 10 Jun 2021 12:27:14 GMT
expires
Fri, 10 Jun 2022 12:27:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066164336645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28149
x-xss-protection
0
expires
Thu, 10 Jun 2021 12:27:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2D33 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 20:25:02 GMT
glavred.info.977390.js
jsc.mgid.com/g/l/ Frame 2D33 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/g/l/glavred.info.977390.js
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80ab65cc976b43273f36a3bfb30c2d9c2fdf8717db65d779967baa566d94195

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
content-encoding
br
cf-cache-status
HIT
age
6710
cf-polished
origSize=288336
last-modified
Tue, 18 May 2021 10:00:40 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
6AJ0AJ7MG74GA30M
x-amz-id-2
SneyfbNTfdRDkw7KrNf0Oo0YtO6tUyvZCdktsDDuUOqW50NZwKtzXWhDy96bDXAPaG/S86vl4nE=
cf-bgj
minify
server
cloudflare
etag
W/"d0175ff0db70cbcc1f2df93c030a9456"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
0a977d2c490000cb00ad0bf000000001
cf-ray
65d297c07c75cb00-ARN
expires
Thu, 10 Jun 2021 15:27:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D33 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 12:27:14 GMT
css
fonts.googleapis.com/ Frame 2815 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 10:40:42 GMT
server
ESF
date
Thu, 10 Jun 2021 12:27:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Jun 2021 12:27:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2815 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 12:15:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2815 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C22VQIgXCYJb1DPWqrASi66b4A720spxjr-aPuNkNZBABIP3_hSNg8a38haQfoAHZ1_e_A8gBCakCnx3cPBI7gD7gAgCoAwHIA5sEqgTpAU_QkVSMhlilpubSKbQsUwln2h-GJecmU6cQQ5jgjX0KQiKz9yaBRieTqjpr3v0X0_fopSjKCWIT97798FHlY5CtYoFdrIlJ3fErvAe104soS8vux6hMTyijQvRtWHp-8PdgURuJ8AJVpjQUPNu3PMpU3zG9_7hEX6lBMzPHDBP5Ens3SYknUMqMMCEdOFeDQMSEVzNRwAaTOWyLcEYvnagnQtdM4P_O--a68jFdhMkgzprVf_0xuqS46rd6lkir7JH0na_xbaNKHacAJwXzg8rxklD7Sp53L45Lqhd3R2g41BRimbe4WKTGwATL5PmbyAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHj6iIQKgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCMiAfSCAkIiOGAEBABGB2ACgPICwGYDLGMrsS_A9gTDtAVAZgWAYAXAbIXGgoYCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMz&sigh=nSKNRSFaRsE&template_id=515
Requested by
Host: glavred.info
URL: https://glavred.info/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 2815 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 12:22:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2815 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 12:24:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2815 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 12:27:14 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 2815 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 12:25:25 GMT
l
www.google.com/ads/measurement/ Frame 2815 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStQURZsbwJRF3LyeuZd-nn3I4caH6T4dK9NTR8f0hsnT7mU9SeOMvipa7bo6lw9JxxdoFu5SGZw5UVE8n0iwn_dFtOQA
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ef1eb58ff665bb7a112fcf12029c3c9f.js
www.gstatic.com/mysidia/ Frame 2815 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 15:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10553
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 11:40:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 07 Sep 2021 15:49:26 GMT
12145448042571963804
tpc.googlesyndication.com/simgad/ Frame 2815 		439 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12145448042571963804?w=100&h=100
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e72d5194556a1e6bf01d217736c792ff30c1eca4b56847c3ca884da4028f720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:16:37 GMT
x-content-type-options
nosniff
age
83437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
439
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:46:20 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 13:16:37 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://glavred.info
Date
Thu, 10 Jun 2021 12:27:14 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
view
securepubads.g.doubleclick.net/pcs/ Frame 2D33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssu_ytdMmRLH94E8srr7dA8tSiFPsDdvkTl1873hS2BMwfhslMcSeB2qmuD-BPexeu6dLSn2GwcKC11DZQLWH6ZswzRuI_8ABAAFuZI4KUS4lEo8r-Yb8r41K23ZZ3m-Q8MBpN23Z6-vfuFFNzD2LfQTcg6yb4E-zKxx8w5ZbLRQ3c94ORsbJDTXFy_j6hmk_LMJuZ2GBbOd3IjpDQe0rI2lmTWYQWlgoOrMXX5H32KEkjCEXOFMJ_4HDrtENNuifgy5N80z-3JH6UK0lSISYHNVIs3MHGZ7bmRuPvPGmUtQ9fq8Qvi5IYSP4KbHOiNtQ&sai=AMfl-YTvH-b-rOHpkw7oVVKQeH05CjzZ_L08_0kOfZv_38MQy3Hkm6n38uBFLCKgJAoiukZEKHKBxmB67QPltIIDjKSCqLo0oEn5bkDcvy2gfBT2WpXKMGGJiC-HIMgNksNj&sig=Cg0ArKJSzD9K2A_5UzmDEAE&urlfix=1&adurl=
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 12:27:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Jun 2021 12:27:14 GMT
truncated
/ Frame 2D33 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3ff6adb1387d1930f9639157cc4cb49806265bdfd6049acf5cd73bbac83083

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2815 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
436e1b4e514b30292e2c10dc800934370aa84c04d4d011fcb93a1b04d9b1ad85

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2815 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 15:29:03 GMT
x-content-type-options
nosniff
age
161892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 15:29:03 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2815 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:10:35 GMT
x-content-type-options
nosniff
age
137800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 22:10:35 GMT
dcm
s.amazon-adsystem.com/ Frame 8555
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:15 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:15 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB-yiC1LVZBjuRSf0Wrb9D8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB-yiC1LVZBjuRSf0Wrb9D8&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:15 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB-yiC1LVZBjuRSf0Wrb9D8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMIFIipUuecXK9iBY1EVZAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAbDE1dDwgkCETKcvUwWxE&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAbDE1dDwgkCETKcvUwWxE&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:16 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAbDE1dDwgkCETKcvUwWxE&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8555 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMIFIipUuecXK9iBY1EVZAAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=YMIFIipUuecXK9iBY1EVZAAA%261840
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 8555
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMIFIipUuecXK9iBY1EVZAAA%261840?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMIFIipUuecXK9iBY1EVZAAA%261840?gdpr_consent=&us_privacy=&gdpr=1
49 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMIFIipUuecXK9iBY1EVZAAA%261840?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.138
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YMIFIipUuecXK9iBY1EVZAAA%261840?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.16.217
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0c1ecb93-ced5-4291-87b8-30ad3f36c20d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0c1ecb93-ced5-4291-87b8-30ad3f36c20d
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:18 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:18 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0c1ecb93-ced5-4291-87b8-30ad3f36c20d
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Thu, 10 Jun 2021 12:27:18 GMT
server
nginx/1.18.0
content-length
76
rum
dsum-sec.casalemedia.com/ Frame 8555
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YMIFJwABnFAicQAC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMIFJwABnFAicQAC&gdpr=1&_test=YMIFJwABnFAicQAC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMIFJwABnFAicQAC&gdpr=1&_test=YMIFJwABnFAicQAC
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:20 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623328040.093451,VS0,VE0
x-served-by
cache-fra19181-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMIFJwABnFAicQAC&gdpr=1&_test=YMIFJwABnFAicQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
um
u-ams02.e-planning.net/ Frame 8555 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=26681ece3803b4fc&uid=YMIFIipUuecXK9iBY1EVZAAA%261840
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D26681ece3803b4fc%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C032
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=781af23b686d69703b5bfb4...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=0&gdpr_consent=
49 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 10 Jun 2021 12:26:40 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 12:26:39 GMT
img
ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/ Frame C032
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61f4efe21602%2F1623328034474%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=75&tpuid=172250846410868264&gdpr=0
49 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=75&tpuid=172250846410868264&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:15 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 826.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid
514e9e94-c392-49d9-bee5-f83c068a53ba
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/img?tpid=75&tpuid=172250846410868264&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
ib.adnxs.com/ Frame 2B0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6a...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGq-j7Nd8Fk1MJqySi4PxW8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGq-j7Nd8Fk1MJqySi4PxW8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297bee8ad4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d2b4d00004e0ebb277000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGq-j7Nd8Fk1MJqySi4PxW8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=d9b33c7a-9fdf-43bf-a903-ac37828ae747&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d9b33c7a-9fdf-43bf-a903-ac37828ae747&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297bf8a674e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d2bb300004e0ed2978000000001

Redirect headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=d9b33c7a-9fdf-43bf-a903-ac37828ae747&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 2B0A 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:18 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df...
  • https://mwzeom.zeotap.com/mw?cid=7ea3541b-c225-47e6-a39d-a3c979e7a65c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7ea3541b-c225-47e6-a39d-a3c979e7a65c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297bee8a84e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d2b4c00004e0ed296c000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=7ea3541b-c225-47e6-a39d-a3c979e7a65c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 2B0A 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
60
date
Thu, 10 Jun 2021 12:27:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1623328043.826129,VS0,VE60
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11582-HHN
u
dmp.v.fwmrm.net/ad/ Frame 2B0A 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:5::48 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:15 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2B0A 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=8e69c8df-5bc1-4ad6-9f9e-1df9aed7f751&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=8e69c8df-5bc1-4ad6-9f9e-1df9aed7f751&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297bf6a144e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d2b9e00004e0eb20dc000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=8e69c8df-5bc1-4ad6-9f9e-1df9aed7f751&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=bcc629cf-44c2-4803-7967-6c5815f79d17&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=bcc629cf-44c2-4803-7967-6c5815f79d17&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=81365968519088248112315435162223986388&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=81365968519088248112315435162223986388&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297ee5b4b4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d48fe00004e0e970b8000000001

Redirect headers

DCS
dcs-prod-irl1-2-v008-0985ea631.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+FtUxQOUTp4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=81365968519088248112315435162223986388&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 2B0A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=bcc629cf-44c2-4803-7967-6c5815f79d17&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061014-34083-0.155057001623328043-1aaa156ebc358072b42d0de9a6edd94a&zdid=533&env=mWeb
95 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021061014-34083-0.155057001623328043-1aaa156ebc358072b42d0de9a6edd94a&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:23 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297edea2e4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d48b200004e0ead98a000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021061014-34083-0.155057001623328043-1aaa156ebc358072b42d0de9a6edd94a&zdid=533&env=mWeb
Date
Thu, 10 Jun 2021 12:27:23 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6972140829596776596&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6972140829596776596&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297c80a904e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d310a00004e0ec03a2000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6972140829596776596&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Date
Thu, 10 Jun 2021 12:27:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 2B0A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=bcc629cf-44c2-4803-7967-6c5815f79d17
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=bcc629cf-44c2-4803-7967-6c5815f79d17
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=bcc629cf-44c2-4803-7967-6c5815f79d17
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=bcc629cf-44c2-4803-7967-6c5815f79d17
alt-svc
clear
content-length
0
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=bcc629cf-44c2-4803-7967-6c5815f79d17&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=bcc629cf-44c2-4803-7967-6c5815f79d17&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=8xuxALkBP1N2r/Is/7eFdu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-46...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=8xuxALkBP1N2r/Is/7eFdu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297c09d904e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d2c6300004e0ed0bd1000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
last-modified
Thu, 10 Jun 2021 12:27:15 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=8xuxALkBP1N2r/Is/7eFdu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 2B0A 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=bcc629cf-44c2-4803-7967-6c5815f79d17&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.101 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=bcc629cf-44c2-4803-7967-6c5815f79d17?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=bcc629cf-44c2-4803-7967-6c5815f79d17?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=a68b1da16b0fb7b27daa8a1861f7ee06&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-31...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=a68b1da16b0fb7b27daa8a1861f7ee06&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297d1cd6a4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d372200004e0e82b7c000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=a68b1da16b0fb7b27daa8a1861f7ee06&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
cache-control
no-cache
x-server
10.45.10.223
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-dPckyvJE2or4Ua00PX3Bv3ZyWFjWkETr9g--~A&zpartnerid=570&env=mWeb
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-dPckyvJE2or4Ua00PX3Bv3ZyWFjWkETr9g--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297c7ea2f4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d30f600004e0ea383e000000001

Redirect headers

date
Thu, 10 Jun 2021 12:27:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-dPckyvJE2or4Ua00PX3Bv3ZyWFjWkETr9g--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5Qi0rJJPV8ETtlxHBqSmn5hjk0sL5E1c%2BS41iYitP1U%3D
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5Qi0rJJPV8ETtlxHBqSmn5hjk0sL5E1c%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297c37cde4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d2e2700004e0e74367000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5Qi0rJJPV8ETtlxHBqSmn5hjk0sL5E1c%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 2B0A 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2B0A 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.238.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1623328036
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 2B0A 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMIFJwABcb_CXABg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705...
95 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMIFJwABcb_CXABg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&_test=YMIFJwABcb_CXABg
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297dabddc4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d3cb600004e0ea19d2000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623328040.091601,VS0,VE0
x-served-by
cache-fra19181-FRA
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMIFJwABcb_CXABg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&_test=YMIFJwABcb_CXABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=fe9160c2-0524-4d00-983c-6a96bc276389&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396c...
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=fe9160c2-0524-4d00-983c-6a96bc276389&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297ce9c9f4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d351f00004e0ec9a90000000001

Redirect headers

Date
Thu, 10 Jun 2021 12:27:18 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=fe9160c2-0524-4d00-983c-6a96bc276389&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Thu, 10 Jun 2021 12:29:32 GMT
usermatch.gif
beacon.krxd.net/ Frame 2B0A
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OLD8nuPq&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=bcc629cf-44c2-4803-7967-6c5815f79d17
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=bcc629cf-44c2-4803-7967-6c5815f79d17
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.238.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1623328038
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Jun 2021 12:27:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://spl.zeotap.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=bcc629cf-44c2-4803-7967-6c5815f79d17
access-control-allow-credentials
true
cf-ray
65d297d11b864e0e-FRA
access-control-allow-headers
*
cf-request-id
0a977d36ac00004e0ebb3ca000000001
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2B0A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-796...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-796...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:17 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=bcc629cf-44c2-4803-7967-6c5815f79d17&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2B0A
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=bcc629cf-44c2-4803-7967-6c5815f79d17&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d297d26efb4e0e-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a977d378000004e0ec6942000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Thu, 10 Jun 2021 12:27:18 GMT
Connection
keep-alive
Content-Length
0
BK-Server
575
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 2B0A 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dbcc629cf-44c2-4803-7967-6c5815f79d17%26reqId%3Df9f396cc-3155-468a-6afe-705606665097%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.31.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:18 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 2B0A 		557 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2748da4707989f370e1ab5c97d94aa300c67786643b217c04c8b962a85a0f71

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
65d297be6f584e0e-FRA
date
Thu, 10 Jun 2021 12:27:15 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
0a977d2b0200004e0ebf027000000001
cmp
spl.zeotap.com/ Frame 2B0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=bcc629cf-44c2-4803-7967-6c5815f79d17&reqId=f9f396cc-3155-468a-6afe-705606665097&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=bcc629cf-44c2-4803-7967-6c5815f79d17; zsc=%D3%82%EB%DD%DB%CEL%248%BD%3BA%8Fa2%FA%40%25%BA%AB%03RM%1F%84_%04HPz%90N%AC%E4%A9%95%60w%19%7Ba%CD%14a96%00%7BD%D6P%98%CA%FA%E9%F6%FA%7D%D0%0C%D3%93%DB%B3%2F%40z%3C%7C%8C%81%60q%1B%95m%FF%3A%1B%5B%00v%C1%9A%D3%85%B1%E2%FB%94%5CT%0E%C2%1Dn%F8Q%0E%F8%D4%3C%10%DA%E52%21%C7%8FS%96%B1D%09%06e%E7K%19%16%EE%94%FEm%21%D8%B3%0F%CF%81%29l7%8C%86%FC%0E%08%E9%29%C45K%F4%7D%DA%CF%F6%EA%9D0%0A%E0k%DBh%16%B9%5B%14%E3%D3%CCc%9C%F3J%F2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a977d2b3100004e0ec9961000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d297beb83c4e0e-FRA
cc.js
tags.crwdcntrl.net/c/15238/ Frame EC81 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-92.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 10 Jun 2021 08:55:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
12730
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 b81d17a9e7eef1e489776410aee346e2.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
5dk7yKayIB2VXASnjASOmtKk4JrGKBynPV0FVX7A9Pvxi_qGaB6DPw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame A731 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=ABxeWzrge69KvDA2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Thu, 10 Jun 2021 12:27:15 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Tue, 09 Jun 2026 12:27:15 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame EB32 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0daf36cfc8821150ef3ab474418f2b50df905e31135455572a3a266221c8d1c

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
content-type
text/html
set-cookie
uid=2b087f64-6c6d-44e6-a10b-4e8ead72af67; expires=Wed, 30 Jun 2021 12:27:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a977d2c17000005e42b8d4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VaxMMUHnh95BoubMrVZ%2FxUNhVajV0goMUDrgdGzH%2FO7x5CCXon4DDd%2BNq8RhpgXPA3w54YGvmL3jUNgrIqSJr8gg7F8atQTW8FJvup7lsdmYtgRmrFmfWtRjHZYnFcVSLRYg4sRiqu%2BpLt4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65d297c02d9605e4-FRA
content-encoding
br
Cookie set csync
sync.console.adtarget.com.tr/ Frame A440 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABxeWzrge69KvDA2
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=05166c263995640a; a307080=1uZjZdyPuZNNEBQIFQk4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Thu, 10 Jun 2021 12:27:15 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=05166c263995640a; expires=Wed, 11 Aug 2021 12:27:15 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=ABxeWzrge69KvDA2; expires=Wed, 11 Aug 2021 12:27:15 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Jun 2021 12:27:15 GMT
GS.d
js.cookieless-data.com/ Frame A731 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1623328035895
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://glavred.info
date
Thu, 10 Jun 2021 12:27:14 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:15 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Jun 2021 12:27:15 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C032
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=63f0fb176646f82874ccf2e31...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YMIFIipUuecXK9iBY1EVZAAA%261840
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YMIFIipUuecXK9iBY1EVZAAA%261840
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YMIFIipUuecXK9iBY1EVZAAA%261840
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Thu, 10 Jun 2021 12:27:15 GMT
/
c.mgid.com/pv/ Frame 2D33 		0
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1623328036101791365792&uniqId=050c9&niet=4g&nisd=false&iframe=2&ref=https%3A%2F%2Fglavred.info%2F&cxurl=https%3A%2F%2Fglavred.info%2F&pr=glavred.info&lu=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&pageView=1&pvid=179f5e415068695a85a&site=441638&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/glavred.info.977390.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c1cefdcb00-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2d190000cb0078299000000001
MGID_plus.svg
cdn.mgid.com/images/logos/ Frame 2D33 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
br
cf-cache-status
HIT
age
488
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-request-id
0a977d2d230000cb006a3e8000000001
cf-ray
65d297c1cf1dcb00-ARN
expires
Fri, 11 Jun 2021 12:27:16 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 2D33 		836 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
br
cf-cache-status
HIT
age
488
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-request-id
0a977d2d1e0000cb00758ba000000001
cf-ray
65d297c1cf16cb00-ARN
expires
Fri, 11 Jun 2021 12:27:16 GMT
truncated
/ Frame 2D33 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
securepubads.g.doubleclick.net/pagead/ Frame 2815 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpYm7IgXCYJb1DPWqrASi66b4A720spxjr-aPuNkNZBABIP3_hSNg8a38haQfoAHZ1_e_A8gBCakCnx3cPBI7gD7gAgCoAwGqBOkBT9CRVIyGWKWm5tIptCxTCWfaH4Yl5yZTpxBDmOCNfQpCIrP3JoFGJ5OqOmve_RfT9-ilKMoJYhP3vv3wUeVjkK1igV2siUnd8Su8B7XTiyhLy-7HqExPKKNC9G1Yen7w92BRG4nwAlWmNBQ827c8ylTfMb3_uERfqUEzM8cME_kSezdJiSdQyowwIR04V4NAxIRXM1HABpM5bItwRi-dqCdC10zg_8775rryMV2EySDOmtV__TG6pLjqt3qWSKvskfSdr_Fto0odpwAnBfODyvGSUPtKnncvjkuqF3dHaDjUFGKZt7hYpMbABMvk-ZvIA-AEAZIFBAgEGAGSBQQIBRgEoAYugAePqIhAqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIyIB9IICQiI4YAQEAEYHYAKA8gLAZgMsYyuxL8D2BMO0BUBmBYBgBcBshcaChgIABIUcHViLTkxMzgyNDc2NTM3NTQ1MzM&sigh=Bb_qopPpYvk&vt=1&template_id=515
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 2815 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsBjIKUbo_Yj8XaPiT9gwRiqH3cV9ND_CrG7Sd1dWGlW6ZZVnScTs2nriaKTwkm5LA3KtWBdEZacJz82rsLP3zza3JYdhqMvqByVwB2YEcpsP3m8mkns-0T8woViBXB-lRjNS8jTvm99WI9i3DhSmVpMe2ElbpwxpOVYSdiw&sai=AMfl-YTPNavj53GOfJRMg3WI5CcO3xIr6yS0-W5WZYR-ujnDyjoxak67-IaB_dq6r6NBosq2mNUvdU_dIwsow6TgPdp5G2bSthqK8yJttHEmWGvx3pILiI4M2Uq2esr7ttyy&sig=Cg0ArKJSzDecqsu4Rm3rEAE&id=lidar2&mcvt=1082&p=1020,80,1200,1520&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20210607&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=387469368&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623328034780&dlt=13&rpt=229&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034476/0/ Frame C032
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=b1d1eb24786968b6e8685f81ecec8eb5198dc17888979c0e17bc339e680ea614&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903aa8e61...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=b1d1eb24786968b6e8685f81ecec8eb5198dc17888979c0e17bc339e680ea614&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b2905294903a...
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034476/0/img?tpid=42&gdpr=0&tpuid=3781687751742042847
49 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034476/0/img?tpid=42&gdpr=0&tpuid=3781687751742042847
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
server
nginx
location
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034476/0/img?tpid=42&gdpr=0&tpuid=3781687751742042847
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
sync.quantumdex.io/ Frame EB32
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=f2630b9ed904010396315b2dd32c653c232eff14
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=f2630b9ed904010396315b2dd32c653c232eff14
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MlEW9cDx1friH1yBKKTmLNOoPweuLczTzcCr9P4dTSbu3g47M60%2BphvWtaKB%2Bzvd8xqxLlJwCA9ddvmr3ixTHtOvX3KoAeCIL9uCJAA16lSJzyLu3OlvwJalLnRwkJGW%2FnSWrPz9Sm%2FgZM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297c53bb505e4-FRA
content-length
43
cf-request-id
0a977d2f3e000005e4180c6000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=f2630b9ed904010396315b2dd32c653c232eff14
Date
Thu, 10 Jun 2021 12:27:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame EB32
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=172250846410868264
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=172250846410868264
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f0kWYU80JuQeepCjbXHau4pyku9ZzPC4NeFKTEtk%2F1RG984YdFASI6Dau%2BwutL%2B06v%2BTX9dyazcYD9X65D4g1s9vjiINTM%2Bxdy6cnzGGzEccDYuhtdgbCNUelVrMGWdYHG7T2RA%2FjHI2tXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297d5fb0a05e4-FRA
content-length
43
cf-request-id
0a977d39b9000005e4e22c9000000001

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:19 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid
fa727d15-162a-47bb-8f14-e2834a7d33b9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=172250846410868264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EB32
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=172250846410868264
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=172250846410868264
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k%2FyAQN%2FupDf84bvVNXIidJqqmGYrg1my1Shj90Fz8BkyedL%2F7t74IsCo%2FG0ipvze8Pcs7VwLZEtBMbQL98mIwc9N0yxKLo%2B6VtqsGjVNyO3vmSmRdkipGvdyAxMj7zIkGdbLY3zZppFIi38%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297d5fb1405e4-FRA
content-length
43
cf-request-id
0a977d39b9000005e4fb050000000001

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:19 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid
d08a34d4-4c40-41b5-b91b-7f0618729eca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=172250846410868264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EB32
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=172250846410868264
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=172250846410868264
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rao%2FRnhq5nJEpSI6MRtbnjGP7E4%2FlZzcXsUJaSI4VAzQjHlv8OLkzcH%2Fn9bgUryDpXSDTy%2BcYzEVezf3M2V1xZiRtq%2Bbsaurvt36EwvWPiuQKD4MjF1RRVX9NsmmrJ4Q6Oj1aaNbRToKVkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297d5fb2305e4-FRA
content-length
43
cf-request-id
0a977d39bc000005e4fb86e000000001

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:19 GMT
X-Proxy-Origin
86.106.103.116; 86.106.103.116; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid
e72502d3-5f53-4e15-b2e3-2e8df3ea01ec
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=172250846410868264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame EB32
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qX2w4m1E2uGXx_7TeBc2RlTEXaMQOdQAu7Nj_Oo-~A
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qX2w4m1E2uGXx_7TeBc2RlTEXaMQOdQAu7Nj_Oo-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:19 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UGkIBFZ8RO9zsZvqCZ5K85LlgdPUQJg%2FKrtctSoHJAfGy4BGr0NUu1JO6aELjRAVF%2BdzebYuUtOwI422PB8anSFQnBuDh84rdC36kUtzvr2FXlKnFoKtPm24hqZxrAU2x%2FLQgDHh9bXcg0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297d71e5405e4-FRA
content-length
43
cf-request-id
0a977d3a72000005e4fb060000000001

Redirect headers

Date
Thu, 10 Jun 2021 12:27:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-qX2w4m1E2uGXx_7TeBc2RlTEXaMQOdQAu7Nj_Oo-~A
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame EB32 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame EB32
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=91c64d74-7a26-52a1-8866-6d35e8a46817
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=91c64d74-7a26-52a1-8866-6d35e8a46817
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MxEGcuHsBd80%2Fa4%2BCNNTUQkkitPUm4cJ2y9yP1T33aKxreryRSpSByic5gcrRofoW8CHbOMXp6Ls15Ffq3v0IC71YMMxYpOVr%2FVyLOAA6vQZrQ%2B7jyd1v%2BcC1iIWtOnyN2wKlIPO8xIYCJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297c27c4605e4-FRA
content-length
43
cf-request-id
0a977d2d87000005e4f8331000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=91c64d74-7a26-52a1-8866-6d35e8a46817
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
um
sync.e-planning.net/ Frame EB32 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=2b087f64-6c6d-44e6-a10b-4e8ead72af67
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C460 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae7f33d7a977b63b188b0d48f8a1620f1d3935127000eecd4c7a96dc044f02a0

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMIFIipUuecXK9iBY1EVZAAA; CMPS=218; CMPRO=1840; CMRUM3=dd60c205222760&e660c205222760&5860c2052205a0&2760c205220b40&9860c2052205a00&f160c2052205a0&6960c2052205a0&2d60c2052205a0; CMST=YMIFImDCBSMA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|3|4|190|8|57|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1457
Expires
Thu, 10 Jun 2021 12:27:16 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:16 GMT
Connection
keep-alive
Set-Cookie
CMID=YMIFIipUuecXK9iBY1EVZAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 12:27:16 GMT CMPS=218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 12:27:16 GMT CMPRO=1840;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 12:27:16 GMT CMST=YMIFImDCBSQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 12:27:16 GMT CMRUM3=0460c2052405a0&9860c2052205a00&3960c2052405a0&6f60c2052405a0&dd60c205222760&0860c2052405a00&be60c2052405a0&2e60c2052405a0&2760c205220b40&f160c2052205a0&6960c2052205a0&2d60c2052205a0&0360c2052405a0&5860c2052205a0&e660c205222760&4960c2052405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 12:27:16 GMT
/
onetag-sys.com/usync/ Frame B9B3 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 63D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP003
date
Thu, 10 Jun 2021 12:27:19 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame 4D0B 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Thu, 10 Jun 2021 12:27:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMIFK; path=/; domain=.go.sonobi.com
17
servicer.mgid.com/977390/ Frame 2D33 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/977390/17?pv=5&cbuster=1623328036164592400224&uniqId=050c9&niet=4g&nisd=false&w=300&h=615&cols=1&iframe=2&ref=https%3A%2F%2Fglavred.info%2F&cxurl=https%3A%2F%2Fglavred.info%2F&pr=glavred.info&lu=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&pageView=1&pvid=179f5e415068695a85a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/glavred.info.977390.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8a610a754c611f0c95c2111560fbabcbb0957faaf48337d06654ce59d16b20

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c22fe6cb00-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2d580000cb00e386c000000001
widget-ssp-performance
c.mgid.com/ Frame 2D33 		43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=67
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65d297c26fd61669-ARN
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2d7c00001669741c2000000001
i.js
cm.mgid.com/ Frame 2D33 		1 KB
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1623328036240164933519
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/glavred.info.977390.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920c0f1801f5bef94ff740f378de30debf597a14865fb10cf25a7b5935f960e7

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
cffaa808-5753-4329-90db-a55b5aec0825
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c2a8f7cb00-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2dad0000cb008e173000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame DCCB 		19 B
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1623328036245413325051
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/glavred.info.977390.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
f0e43fcf-cb4d-46fa-83ee-9a6f63b0dcd5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c2a8facb00-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2daa0000cb00f7935000000001
server
cloudflare
beacon.js
sb.scorecardresearch.com/ Frame 2D33 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/g/l/glavred.info.977390.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-113.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:06:45 GMT
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1236
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
0SFBbsPx54RlrLsCocYWJEKn_Ibatqv3OETXXBmu0KsA371XdXC2ow==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.mgid.com/g/8193516/370x209/0x299x1080x720/ Frame 2D33 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193516/370x209/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1623328036-QBVIJ9xsI2ls_RhW8x4JEIPMQ1dTpKoZCT1uz_pUkXQ
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2e412efd41513812c7017de4d8a1e2cab61f1a93abf66b0ae4f62d47ca03ca

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
HIT
x-mg-request-uuid
f5152e1c-b92e-42f7-b2a8-98c1cd453a65
age
2948786
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9726
cf-request-id
0a977d2da90000cb00ec83c000000001
last-modified
Wed, 21 Apr 2021 15:57:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65d297c2a8f3cb00-ARN
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0LzZhY2MwZWM3MWNiNDAyMDM4ZDU5YTlkMGE3MzE5MzAyLnBuZw.webp
s-img.mgid.com/g/8193514/370x209/0x351x1081x720/ Frame 2D33 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193514/370x209/0x351x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0LzZhY2MwZWM3MWNiNDAyMDM4ZDU5YTlkMGE3MzE5MzAyLnBuZw.webp?v=1623328036-_U6Nor2ICIAvYMoTHELzvqGY9Z6DebmcKzhd26xwLZA
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70174fee3292d69c7a3654f935c4f40e27a7cbb2c20c88fd4c1421aafba1bc24

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
HIT
x-mg-request-uuid
34232c68-58a6-4387-b308-13f2bcbc177e
age
2946600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9248
cf-request-id
0a977d2da90000cb008c137000000001
last-modified
Wed, 10 Feb 2021 07:16:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65d297c2a8f2cb00-ARN
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzY0NmEwYTE2MGNjNTI5YzE1ZGM1YTE3YjZkYThhZDU4LnBuZw.webp
s-img.mgid.com/g/8164850/370x209/0x316x716x477/ Frame 2D33 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164850/370x209/0x316x716x477/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzY0NmEwYTE2MGNjNTI5YzE1ZGM1YTE3YjZkYThhZDU4LnBuZw.webp?v=1623328036-EC16KamAW1HNmx-3ZuPgv-j79KMxFJGW82n0ma1RpFk
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb45315ab78b54bd032bce6cf41e49a435a31a021d734982bee57392eccdc439

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
HIT
x-mg-request-uuid
fe4c9b0a-0257-47b5-9db5-b2741ba58867
age
2947713
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11384
cf-request-id
0a977d2daa0000cb001faf2000000001
last-modified
Mon, 08 Feb 2021 10:20:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
65d297c2a8f6cb00-ARN
widget-ssp-performance
c.mgid.com/ Frame 2D33 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=66
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65d297c2a89d1669-ARN
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2da9000016695520a000000001
YMIFIipUuecXK9iBY1EVZAAABzAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C460 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMIFIipUuecXK9iBY1EVZAAABzAAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame C460 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame C460
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=1&gdpr_consent=
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:16 GMT

Redirect headers

Date
Thu, 10 Jun 2021 12:26:41 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e47360c2-0523-4900-86c7-1eba6a3cb997&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 12:26:40 GMT
rum
dsum-sec.casalemedia.com/ Frame C460
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7843073990609540255
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7843073990609540255
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7843073990609540255
pragma
no-cache
date
Thu, 10 Jun 2021 12:27:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
getuid
ib.adnxs.com/ Frame C460 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame C460
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ddeabef6-b46a-44f1-bd84-59b38dd6dbbf&expiration=1654864037
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ddeabef6-b46a-44f1-bd84-59b38dd6dbbf&expiration=1654864037
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=ddeabef6-b46a-44f1-bd84-59b38dd6dbbf&expiration=1654864037
date
Thu, 10 Jun 2021 12:27:17 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C460
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871554320804
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871554320804&C=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871554320804&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 12:27:21 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 12:27:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871554320804&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
283
Expires
Thu, 10 Jun 2021 12:27:21 GMT
match
c1.adform.net/serving/cookie/ Frame C460 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
sync.quantumdex.io/ Frame C460 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMIFIipUuecXK9iBY1EVZAAABzAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9VOPbgMUXsu2cY87H2FQZ4Onh8M6S6R7Wve57BpZEAIPLpq4k4iWG816gnxd1vk3dZBfHiveNCnTOrYsYo61O%2Fi34EiRVWkRwoWEDaW22t49PP5mnLmOMwWiQbNQUXUNxBUztnR9s5A0JB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d297c29cab05e4-FRA
content-length
43
cf-request-id
0a977d2da3000005e49628a000000001
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C032
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=69b3a8b4-9c33-4a78-a9e4-c0cd52c12843
49 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=69b3a8b4-9c33-4a78-a9e4-c0cd52c12843
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 10 Jun 2021 12:27:15 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=69b3a8b4-9c33-4a78-a9e4-c0cd52c12843
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3298
content-type
text/html; charset=utf-8
content-length
237
expires
Thu, 10 Jun 2021 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 291F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1623328036240164933519
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KPQVLJI0-1A-564C; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOaCtjBo4SZbxOggbrIGePGKPQsSedLiI5+6kXB+stFOgDgupFyicA0miR16t7lELim1UyhM5ZM7bR0169gWtCL9ZNMX8SL/RMjCUbvnYwX9hUy4=; ses10=; vis10=48990^1; audit=1|naVuGyos1qrf3LmeVNSULsgLD1fHs1oE+sDn1grDZFLQZtuT8Z2DrFyb2FhpuRrpkD7l/kAx5Ur9Kel6TaCVbbKpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Jun 2021 12:27:16 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Thu, 10 Jun 2021 12:27:16 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.lentainform.com/setmuidn/ Frame 2D33 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l5agjUtxdtr5
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65d297f1bac3cb04-ARN
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d4b100000cb0478840000000001
m
cm.mgid.com/ Frame 2D33
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://cm.mgid.com/m?cdsp=501037&c=1uZjZdyPuZNNEBQIFQk4&pi=mgid
43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=1uZjZdyPuZNNEBQIFQk4&pi=mgid
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
bd2db487-77d9-4acc-bee0-4b125eb06df0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c38aa91669-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2e3400001669a5825000000001
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=1uZjZdyPuZNNEBQIFQk4&pi=mgid
pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT, Thu, 10 Jun 2021 12:27:16 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
cm.mgid.com/ Frame 2D33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDVhZ2pVdHhkdHI1&muidn=l5agjUtxdtr5
  • https://cm.mgid.com/google?muidn=l5agjUtxdtr5&google_ula={guid},5&google_gid=CAESEFZdA3XiMptwMr_x3ulIx20&google_cver=1
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l5agjUtxdtr5&google_ula={guid},5&google_gid=CAESEFZdA3XiMptwMr_x3ulIx20&google_cver=1
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c39aec1669-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2e3c0000166954bba000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l5agjUtxdtr5&google_ula={guid},5&google_gid=CAESEFZdA3XiMptwMr_x3ulIx20&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 2D33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=7ea3541b-c225-47e6-a39d-a3c979e7a65c&ttl=1625920036
43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=7ea3541b-c225-47e6-a39d-a3c979e7a65c&ttl=1625920036
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
dd643098-ab1f-4a60-ae3a-5dd0a2a9eac6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c39af71669-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d2e40000016696d048000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=7ea3541b-c225-47e6-a39d-a3c979e7a65c&ttl=1625920036
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
sync
odr.mookie1.com/t/v2/ Frame 2D33
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=21ad3be7-a936-41f2-abf8-242834a98bda&ssp=mgid&gdpr=&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=21ad3be7-a936-41f2-abf8-242834a98bda&ssp=mgid&gdpr=&gdpr_consent=
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=21ad3be7-a936-41f2-abf8-242834a98bda&ssp=mgid&gdpr=&gdpr_consent=
date
Thu, 10 Jun 2021 12:27:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
52164
i6.liadm.com/s/ Frame 2D33
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l5agjUtxdtr5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l5agjUtxdtr5
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda&_li_chk=true&previous_uuid=09eb2ab5273c407eb8b03cdc8fbc658d
  • https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:444a:4602:b51a:2bef:14:5241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:18 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
cef1fc71fc6e3d35
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=21ad3be7-a936-41f2-abf8-242834a98bda
Date
Thu, 10 Jun 2021 12:27:18 GMT
Connection
keep-alive
trace-id
2a02f5bd9589974f
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
/
cm.idealmedia.io/setmuidn/ Frame 2D33 		0
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l5agjUtxdtr5
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65d297de7ea70d3e-ARN
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
0a977d3f0f00000d3eec811000000001
collect
www.clarity.ms/vmss-eus2/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/vmss-eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/vmss-eus2/s/0.6.13/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://glavred.info
date
Thu, 10 Jun 2021 12:27:15 GMT
access-control-allow-credentials
true
x-powered-by
ASP.NET
x-azure-ref
0JAXCYAAAAAB97VCBjS0YRZxfXwUeHhORTE9OMjFFREdFMDExMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
v2_298309_4141.json
player.adtelligent.com/prebidlink/2705546/ 		116 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2705546/v2_298309_4141.json?cb=glavred.info
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
49bb586ff4ad7099ab6d2d474677fcf55f918223e784b5fe131d606262fc0bad

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 17:09:40 GMT
server
nginx
etag
W/"60bfa454-1cea4"
content-type
application/json
access-control-allow-origin
https://glavred.info
expires
Thu, 10 Jun 2021 13:27:16 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
usync.js
eus.rubiconproject.com/ Frame 4DE4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75946
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Fri, 11 Jun 2021 09:33:02 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame C032
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=4caf4ef0f98216279dade381...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=fe9160c2-0524-4d00-983c-6a96bc276389&gdpr=0&gdpr_consent=
49 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=fe9160c2-0524-4d00-983c-6a96bc276389&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 10 Jun 2021 12:26:42 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=fe9160c2-0524-4d00-983c-6a96bc276389&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 12:26:41 GMT
usync.js
eus.rubiconproject.com/ Frame 291F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75946
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Fri, 11 Jun 2021 09:33:02 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4DE4 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
js
ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/ Frame C032
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=94eaf8198fce0882fae43058b50149a650a100eb12cd36ba4c7b9103e737cf2a&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b29052949...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=94eaf8198fce0882fae43058b50149a650a100eb12cd36ba4c7b9103e737cf2a&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F50920b29052949...
  • https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/js?tpid=48&tpuid=e96dd4a5653d979d448b206e8be97a5f
44 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/js?tpid=48&tpuid=e96dd4a5653d979d448b206e8be97a5f
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
efbaa6c52ef8c7538080fbb51683cc0c6299251e6314a42186d51d7a4e67c86d

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:17 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/50920b2905294903aa8e61f4efe21602/1623328034474/0/js?tpid=48&tpuid=e96dd4a5653d979d448b206e8be97a5f
Date
Thu, 10 Jun 2021 12:27:17 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 291F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
sium
ih.adscale.de/ Frame C032 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.81.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Thu, 10 Jun 2021 12:27:17 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
c
c.mgid.com/ Frame 2D33 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=294|199|8|Ci5Z3AHxye2W_SdFevMcLIZTTUkqk2rQISn_3m2zhPd1aLYIRGsQlT3V1QGTPgUX&fw=1&extjs=3&v=294|199|8|Ci5Z3AHxye2W_SdFevMcLAgfhVhxfxID6g7MYNu92mrajZ1BolvJjBSi7celAfct&v=294|199|8|Ci5Z3AHxye2W_SdFevMcLB6DBmVBcD8p-htkT7PehW74CbSNn2U23fC-n0cHbnAR&cid=977390&h2=6kceJEPS2qpzEuGBBHIdw2fuXEa58QYcP4p0vP5cBlc*&rid=3105e3c3-c9e7-11eb-88a7-d094662c1c35&tt=Referral&ts=glavred.info&iv=11&pageImp=1&pvid=179f5e415068695a85a&cbuster=1623328037405463062312&tpl=0
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:17 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
10fa0a36-2977-49f1-af06-bded3d981912
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65d297c9ef8acb00-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d32310000cb007830d000000001
server
cloudflare
b2
sb.scorecardresearch.com/ Frame 2D33
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1623328040778&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googles...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1623328040778&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.google...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1623328040778&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fglavred.info%2F
Requested by
Host: 52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
URL: https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-113.cdg50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:20 GMT
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
ZSiWteWL5_M3kuQxG2PiwNQkvXbuT_OY4jIntDG3WFzgw5qlnDnCUg==

Redirect headers

date
Thu, 10 Jun 2021 12:27:20 GMT
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1623328040778&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2F52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fglavred.info%2F
content-length
312
x-amz-cf-id
yJatKYItD8ixPE1ifqfaryuoRM_YGNSR0qp4tW304ndU2l-bHD5jtg==
ptrack
a.audrte.com/ Frame EC81 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=86.106.103.116&p=M1353665098&artime=2021-06-10T12:27:23.286Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.82.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1a7966a73b595927ca5c5c87b0ee26e161b6b8d8d137a2d9fddd8fcf2d33ba7b

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:23 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame F5DE
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a78b7283fdf3077f2194aa848d617faf4e59fbeb320cb1f7e94e0dc470f9f5bd

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Thu, 10 Jun 2021 12:27:23 GMT
content-type
text/html;charset=UTF-8
content-length
1066
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.22.237
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 07-Mar-2022 12:03:00 GMT;SameSite=None;Secure _cc_id=a68b1da16b0fb7b27daa8a1861f7ee06;Path=/;Domain=crwdcntrl.net;Expires=Mon, 07-Mar-2022 12:03:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSDSzSDJMSTQ0SzJISzJPMjJPSUy0SDS0MDNMM09NNTBjAIKEQ6zav%2F%2F%2F%2F88P4kAAAMXHDsA%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 07-Mar-2022 12:03:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIOMSqDaSgAAARQQFT";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Mon, 07-Mar-2022 12:03:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Thu, 10 Jun 2021 12:27:23 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.10.223
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
match
ps.eyeota.net/ Frame EC81
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6906473960582120021
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESED0zXoDppnOjUhyrM9LrVdc&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:23 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Thu, 10 Jun 2021 12:27:23 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame EC81 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:23 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame EC81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm=&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=&google_tc=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=&google_gid=CAESED0zXoDppnOjUhyrM9LrVdc&google_cver=1
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.82.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:24 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 10 Jun 2021 12:27:23 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
image.sbxx
global.ib-ibi.com/ Frame F5DE 		0
0
pixel
cm.g.doubleclick.net/ Frame F5DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTY4YjFkYTE2YjBmYjdiMjdkYWE4YTE4NjFmN2VlMDY
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTY4YjFkYTE2YjBmYjdiMjdkYWE4YTE4NjFmN2VlMDY&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTY4YjFkYTE2YjBmYjdiMjdkYWE4YTE4NjFmN2VlMDY&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YTY4YjFkYTE2YjBmYjdiMjdkYWE4YTE4NjFmN2VlMDY&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame F5DE
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=affe60c2-052b-4100-af6b-80a08b8af121
49 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=affe60c2-052b-4100-af6b-80a08b8af121
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.101
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Thu, 10 Jun 2021 12:26:49 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=affe60c2-052b-4100-af6b-80a08b8af121
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 12:26:48 GMT
5907
tags.bluekai.com/site/ Frame F5DE 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=7663a4d560bdd10e3c23c5859fba1887
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 12:27:23 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame F5DE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=3870337523717234599
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame F5DE
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/a68b1da16b0fb7b27daa8a1861f7ee06/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3870337523717234599
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3870337523717234599
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=207581619/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.172
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3870337523717234599
pragma
no-cache
date
Thu, 10 Jun 2021 12:27:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
view
securepubads.g.doubleclick.net/pcs/ Frame 2D33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9r7BcwqkUmiw2SOhM2XWtXeMzzbwcmVf9zGy0mZYFY7naIvWcUj6D09mIUDRAGepGeKtEn4NU6zoHXlZIa5FnWYcCAGgkEJiJcMfsmYFIZ-ojGHc2jAgfr-4HHPvvu-2NwUKmVUxTKK82DGV93JI7jerQHBkB3pUleM2oRccY71qB2QfQgrGF7gLQ1BkyiUwGY9KLVEemzFNvIJl6QzgcLxxI0ww4gJpA1NzslLoNEPNWeJF0VCoT1-cnRSmZY3DZzPGuFUCVt4aIjaZqn-NypgiBCucOsA31XhcvGwDWSfJ1s0MbWYV6pbVS4AjooLs0&sai=AMfl-YQ2uigTV-w1HfLUcK5YbAEaa0SmfMux1yTftugtRS9uDfwzP0I15OpQeTxm3_PkCdd_JUO4m0Iduk-BDuVnmW_fOx14GDUSNE8Vxc7BfnAlRRVho3c6xWG0ym2MbzZY&sig=Cg0ArKJSzF62i3Qkc0bSEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 12:27:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Jun 2021 12:27:24 GMT
glavred_light.3055a127.svg
glavred.info/build/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glavred.info/build/images/glavred_light.3055a127.svg
Requested by
Host: glavred.info
URL: https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4178279972eaed0f2d3dc4af667522a25f458855b7df055955e2bef786363be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/build/images/glavred_light.3055a127.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
glavred.info
referer
https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://glavred.info/build/styles.6245cea4ac6ac0d5e7e8ac623821d969.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1383084
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a977d4def0000f146b92e7000000001
last-modified
Fri, 27 Mar 2020 12:29:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PZViHJJMSmErYvM21UNpOtzQGe9MOxRjNugpiVBwG3rBtzO2Xkj1m7bLFHYT7ENd0yuaz76nURLliIRYR%2BpAWyxajuz%2FmkE3ytX6att2vSvMv2q%2BDRwkHa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
65d297f64bb8f146-ARN
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beaf77c7fec80e7b19a38f179a2aa3c70fc97f5c196d6337ac84a13408d5a40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 12:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 63BA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=glavred.info
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=glavred.info
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1756
set-cookie
uid=8f19d299-4864-4066-bad9-ef4007d0b277; expires=Fri, 10 Jun 2022 12:27:24 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 10 Jun 2021 12:27:24 GMT
content-length
1129
collect
www.google-analytics.com/j/ 		2 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1768882602&t=event&ni=1&_s=1&dl=https%3A%2F%2Fglavred.info%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B7%D0%B0%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B9%20%D1%87%D0%B0%D1%81%20%D0%BD%D0%B0%20%D0%93%D0%BB%D0%B0%D0%B2%D1%80%D0%B5%D0%B4.%20%D0%90%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5%20%D0%B7%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D1%80%D0%B5%D0%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=v1-1623328033149-4939784811620&ev=424&_u=aEjAAUABAAAAAC~&jid=597608524&gjid=1660159178&cid=1598728917.1623328033&tid=UA-22507043-14&_gid=671566048.1623328045&_r=1&gtm=2wg621W6FPQKK&z=1186522341
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 10 Jun 2021 12:27:24 GMT
rum
glavred.info/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://glavred.info/cdn-cgi/rum?req_id=65d297a85d71f146
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.26.14.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://glavred.info
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
_ga=GA1.2.1598728917.1623328033; _gid=GA1.2.671566048.1623328045; _gat_UA-22507043-14=1
content-length
27769
:path
/cdn-cgi/rum?req_id=65d297a85d71f146
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
glavred.info
referer
https://glavred.info/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Thu, 10 Jun 2021 12:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://glavred.info
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
65d297f6d8af168d-ARN
vary
Origin
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=597608524&gjid=1660159178&_gid=671566048.1623328045&_u=aEjAAUABAAAAAC~&z=25276546
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Jun 2021 12:27:24 GMT
content-type
text/plain
access-control-allow-origin
https://glavred.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame B1CB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 10 Jun 2021 11:15:55 GMT
expires
Fri, 10 Jun 2022 11:15:55 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B2C0 		783 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eca297852ea4ff0a6f5dc726fb63d2f537834e003ef3be10aaac55d794735358
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VaNsodPZRDWWDVMyywxeeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://glavred.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://glavred.info/

Response headers

expires
Thu, 10 Jun 2021 12:27:24 GMT
date
Thu, 10 Jun 2021 12:27:24 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VaNsodPZRDWWDVMyywxeeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=597608524&_u=aEjAAUABAAAAAC~&z=1949755438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22507043-14&cid=1598728917.1623328033&jid=597608524&_u=aEjAAUABAAAAAC~&z=1949755438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
pagead2.googlesyndication.com/bg/ Frame B1CB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 12:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jun 2022 12:21:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D33 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssquAsmm8S0ycn43X5vEYu91oZy5O2n-Av2rgmI3_ipYub-o6vLMR10N0Blg1PL9CkhVWj9UVoZ2IhD8GMv2To8V3iQVEn1pBzL0aPmA3w&sig=Cg0ArKJSzLzwTNufTmt7EAE&id=lidar2&mcvt=1003&p=254,1100,870,1400&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20210607&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=19&adk=2091012187&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623328034781&dlt=9&rpt=213&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=336438710197889&bg=!UVKlUhbNAAY6sG-_OrA7ACkAdvg8WpzzYcK9itZGOkJpecMVPjvBROPvG5Eqxuc2W4KDAU_nWEWoogIAAADlUgAAABZoAQcKABZyDKCeYzrCP4F-WUTRFZgX3wCixQVhmQJsl6PI2PQXYcmL3rEhhWZHjX4j8Yg99OsVAQb_uudoIRCHwBYnVOmIS8z1lT1U8Ulwep4aG-jncTpuCMUbpoKo11Dh42aTLgLStE4kynSqorWtLtgPeZJ7tJB_GHvWVckfJ1B2lMB9Pc4EoZteStXiDyXWBB9mF32AG5GeqIvh-bbu7Qyg753sUwGc1qofhq2gLlECUxp0HEN0Unu0bOGxN5dKKBV4TFp1UVrK5WLg2X0c19KY9UKSwLhspPG3UeiRml1gXn6zl0WP5jYMcp5azqUZunDg3DED24yc_XbVt-QhmyCFDTgIFDO0snQ_NOxdVwhITN6kNFF7k8_f3tYYj2fVEWo7-ket6fgNyKc8SBtVdqmytAOZcPZyaGxMSRHqjBFzyff3in_AziEcz4rkt58n3mbkQBw7qtF8rw8Z1rsiS-EnXZSTWSUv-MG2CndXRPrfPiiTURYcjveegfLuQakejlaonmMSJTa4cNjcKWRRRWn2HlnJQzExysApAXXSllQHyouXzBBVlddsY0oJbNGNGfPKGQYxzN-blLgtPm4qUzeZQffiEclzARycU4_oSUpP02F3r2OrMPUGXuHrDwZjHgjhi25utoWp8etN-dHYuZXgTJ53UjiHghpoXIaHSYoVO78MiTd-Rhj8cbHREBcxkh7ChBclGfS20TzC6i-SzgyhvCLBzkawrdo6A-TVDib56-6yiLNXm_RkimqzGDYYCs7YjgJL7g21ZPhNRPaiiqRBgc_DuOIv-aTBENnkSP53i97AlXloS2360MaoZkpa0RzgXoqy3z99boCGCNd3ji2xbQyRQe1KzLc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 12:27:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.clarity.ms/vmss-eus2/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/vmss-eus2/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/vmss-eus2/s/0.6.13/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://glavred.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://glavred.info
date
Thu, 10 Jun 2021 12:27:26 GMT
access-control-allow-credentials
true
x-powered-by
ASP.NET
x-azure-ref
0LwXCYAAAAAAhlVTkHs6XQLZnpjVZP79zTE9OMjFFREdFMDExMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=a68b1da16b0fb7b27daa8a1861f7ee06

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| addCatfish object| google_tag_manager function| webpackJsonp function| yall function| Waypoint function| FuckAdBlock object| fuckAdBlock object| viewport function| jQuery function| $ object| advertizer function| loadNextPage object| Share string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| gtag function| clarity object| adTargeting object| __cfBeacon object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| vmpbjs object| vpb object| webVitals function| sendToGTM object| gaplugins object| gaGlobal object| gaData function| vmpbjsChunk object| _pbjsGlobals object| x object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt string| uww_template object| uww_container function| htmlDecode object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| criteo_pubtag object| criteo_pubtag_prebid_109 object| Criteo_prebid_109 object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDSzSDJMSTQ0SzJISzJPMjJPSUy0SDS0MDNMM09NNTBjAIKEQ6zav%2F%2F%2F%2F88P4kAAAMXHDsA%3D"
.crwdcntrl.net/ Name: _cc_id
Value: a68b1da16b0fb7b27daa8a1861f7ee06
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIOMSqDaSgAAARQQFT"
.zeotap.com/ Name: zc
Value: 58ffb39f-9683-4733-6466-13eadf1ae0c2
.adform.net/ Name: C
Value: 1
.glavred.info/ Name: _ga
Value: GA1.2.1598728917.1623328033
.glavred.info/ Name: _gid
Value: GA1.2.671566048.1623328045
.adform.net/ Name: uid
Value: 6906473960582120021
.glavred.info/ Name: _gat_UA-22507043-14
Value: 1

7 Console Messages

Source Level URL
Text
console-api warning URL: https://player.adtcdn.com/prebidlink/450924/hb_298309_4141.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api error URL: https://player.adtcdn.com/prebidlink/450924/wrapper_hb_298309_4141.js(Line 1)
Message:
localStorage unavailable
console-api log URL: https://glavred.info/(Line 144)
Message:
object
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a3bk6WXZKZ6QmyFJSW6-gRJqQ&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

52bbe8a14e5ed63f56ef08860694c4f7.safeframe.googlesyndication.com
a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
adservice.google.com
adservice.google.se
adtelligent-d.openx.net
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bn01.er.bemail.it
c.bing.com
c.clarity.ms
c.mgid.com
c1.adform.net
cdn.admatic.com.tr
cdn.mgid.com
cm.adform.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.analytics.yahoo.com
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.adroll.com
d.turn.com
dis.criteo.com
dm.hybrid.ai
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
glavred.info
global.ib-ibi.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
images.glavred.info
inv-nets.admixer.net
js.adscale.de
js.cookieless-data.com
jsc.mgid.com
loadeu.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
newscode.online
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.mathtag.com
pixel.sitescout.com
pixel.tapad.com
player.adtcdn.com
player.adtelligent.com
pogoda.unian.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
ps.eyeota.net
rtb.adxpremium.services
rtb.openx.net
rus.redtram.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
ufo.approximity.com
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
global.ib-ibi.com
100.26.82.13
104.109.78.125
104.111.237.88
104.16.199.73
104.19.134.78
104.19.135.78
104.19.217.61
104.26.14.241
107.21.231.45
13.107.21.200
13.248.242.197
142.250.185.130
142.250.185.162
146.0.227.107
146.59.10.80
151.1.205.165
151.101.14.49
162.55.6.210
168.119.146.39
178.162.133.149
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.197.81.144
18.198.126.47
18.200.233.208
185.184.8.65
185.29.135.234
185.33.220.244
185.33.223.222
185.59.220.194
185.64.189.115
188.42.196.115
193.0.160.129
193.200.65.5
195.137.240.103
199.232.137.44
2.18.233.201
2.19.35.65
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
212.82.100.182
213.174.135.2
213.19.147.45
213.19.162.51
23.218.208.200
23.218.208.246
23.45.99.241
2600:1f18:444a:4602:b51a:2bef:14:5241
2600:9000:218c:4a00:f:4f64:8940:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:24e
2606:4700:3037::ac43:a669
2606:4700::6810:5f41
2606:4700::6810:7caf
2606:4700::6810:bf3
2606:4700:e0::ac40:631d
2607:ae80:5::48
2620:1ec:29::67
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c0a::9d
2a00:7c80:0:120::2
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2040
2a05:d018:24:b001:d120:1359:acbb:2de6
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.124.210.90
34.233.79.92
34.251.130.56
34.251.31.154
34.253.111.115
34.98.64.218
34.98.67.61
35.201.81.244
35.227.248.159
35.227.252.103
37.157.4.25
37.157.6.245
37.18.16.22
37.252.172.249
46.249.52.248
46.249.52.249
5.178.65.246
5.178.65.253
51.15.145.115
51.38.120.206
52.142.114.2
52.210.238.250
52.222.174.113
52.28.196.155
52.29.225.117
52.45.55.28
52.71.142.200
52.84.174.92
52.94.232.32
52.95.123.167
54.208.167.73
54.78.251.22
62.149.0.72
62.209.227.210
62.244.25.71
62.244.25.85
66.155.71.150
67.202.110.21
69.173.144.139
85.114.159.118
88.214.206.142
89.163.159.101
01b7db03e4cc483b339161ef7ad1deae41bb10bb5bc0ab1ea7f6c8331cd5c342
0804ecc8509a6fed082326a7ed73fd4c8681eade52a6e4e2947b0ee3b7bd24cc
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b545f6428aa74aea62b2a34d46ef39e8379c6b6396857bfce4c988b8aaba9f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0e5f578fb70950e87d859a76be01e085d489189c9e73ab343e2fe835de30e2f1
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
1022331ae86fd1238c175b3beb5d01d5a2338464a0d0625ad5fc08b32472309e
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
165ef1b5a5dcc599b66d2d33b5dcc87467da6bbbe2a101f305466877972e631c
16600b031f7e2e59efe4b96a23e07fb4a56b411833e73070c1c8b60bc7116cf5
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1a7966a73b595927ca5c5c87b0ee26e161b6b8d8d137a2d9fddd8fcf2d33ba7b
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
1da18c407ee2e833f216f44f16f2fd179703919973f2493c07d0367e12e9e2f5
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14
200f20452a80b8addbcb8d7df78f7048352f56387400719e1dc659f210f9ba89
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
204bc8db977c1c721fc7196a3ac9830f9a286d4629c0e2d1b95a9cccca0f63fe
24c9edecbbea52c50a4f237fcfe0376256f1242d843a7c760a71537d8c9c2f99
25e8a1e592ccef1d76d3d847220fcf3dacb9494f15c5531fe716b8cf4123a319
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b1ccd31e2c56cdd59ccc043102e4fb6b8d3d721071c1f425ca8aba29bf5dd43
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e069650781d947be9a8e4279f983e2cd22ad67a95b4aabccb45ec237d7e34a5
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a06636a206691621ef22b7433b612d25654f97da6c47416d9375e25d2f26427
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3bff7be30cce48658afdbb7c93b8f9ea6b0f0d670da03411f09d3f6693208602
3c2e412efd41513812c7017de4d8a1e2cab61f1a93abf66b0ae4f62d47ca03ca
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
436e1b4e514b30292e2c10dc800934370aa84c04d4d011fcb93a1b04d9b1ad85
4452f686956e6b99b6de4bc75f611be2d4aba880ef2edce38111a5eddaf5c872
46444209f8afb6e8994e47b474c81b0906b10ff59f04fb1b64c3e667855adfb9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
49bb586ff4ad7099ab6d2d474677fcf55f918223e784b5fe131d606262fc0bad
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482
53a7aed76d8b17b24f2cbd51d3da576b4d3a9ada4a9a22b56be58dca87f8a173
5667b0468b4473759479e94a71d2702eb1cc871e557357863538ef9cafdc5d22
5688bcb0868115238da11f699bd578b9f69a6f4151909e2688cff4e9b1cc1075
5837a015fb04ecd3a24c2c4ca20aaccfc2d3a1756da6b25b269f1c81c0b7e47f
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b50d2f1d3cd73e54464d3f04b515f5327c73f67c8e429c6298b7654e6848752
5d69cce486af16a29a1227b693b0394fc67bc989de18803fef40a942c8101165
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
65273119e256096ceca5b848928dd7f731ed42c6bfdeb132950ca9a34a98d374
6628f4531015922c3e4f550d0cf084ce923a6122e87d1d1a342ff0764583e0c0
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
70174fee3292d69c7a3654f935c4f40e27a7cbb2c20c88fd4c1421aafba1bc24
71e3a9656759d1e83c042f1fac92b14c3ec906532a055f59446b857050cc475b
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
786623e3ec647426e3dd7b68e8713e80e34959f4cca988615a9125d536decc2e
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ff3c8801bb08071ccded02a234842005c8047a17dd7cdc7794c9cf2e7f425eb
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84d8abb100a51588a2150eef1fc1480eb1a827b559a86b837537f29c2978b712
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86df0d602993a3dd52225390086c7b0d00119e772782adec2cd4c3cb4f256f7e
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4d36a4d43eb89ea80bfc00e408d04df95972b9d13cc01bdc0ce5272a209bea
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
920c0f1801f5bef94ff740f378de30debf597a14865fb10cf25a7b5935f960e7
979083f6bf899e9c0502dc85534d8b35d930dffd7272638200f2e51e7006d035
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9de39183001281646fcabec00cbfa96d96758ef714131a8827423453b9d59db9
9e72d5194556a1e6bf01d217736c792ff30c1eca4b56847c3ca884da4028f720
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e377f09c9259c076c5cc20b22aaf832fca3fab3ddec8fc7f62403d0b507e81
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78b7283fdf3077f2194aa848d617faf4e59fbeb320cb1f7e94e0dc470f9f5bd
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac2d777bcb8ecfb610a470bb90d3f2f30ad1c8ed7fe59bdb79b005372f74ad80
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
ae7f33d7a977b63b188b0d48f8a1620f1d3935127000eecd4c7a96dc044f02a0
b03996e23dcbea0107d19cd6a07ee6ff84b9cce67b4a2bae564046f89b00e948
b0daf36cfc8821150ef3ab474418f2b50df905e31135455572a3a266221c8d1c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4178279972eaed0f2d3dc4af667522a25f458855b7df055955e2bef786363be
b80219db45ed393a1ab9e27629d6211216986caaf482cb4ec32629f74ca9e66e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb45315ab78b54bd032bce6cf41e49a435a31a021d734982bee57392eccdc439
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
beaf77c7fec80e7b19a38f179a2aa3c70fc97f5c196d6337ac84a13408d5a40d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2748da4707989f370e1ab5c97d94aa300c67786643b217c04c8b962a85a0f71
c80ab65cc976b43273f36a3bfb30c2d9c2fdf8717db65d779967baa566d94195
c8d3c78533c1bbc9bc04196133710c94e6e515942ebdc7736215766d67c1986a
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd004215ea3abd8f8892a8b0954f6ec73fa1a1a018e57a027916f3547ebd6c5
d0387141074ef90a3397602dfe70127be8e706c161977b02068fa3a3e9f815d0
d1347e4fed500a1dc88f6ffcf2127cd21b3e50c574bb2cbaf6270a220be34570
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d24c5180cf20943db33a2ac8fb538e0cbc4d1c5d4269f4c9386705a226ef8f84
d2e650fde7b748c6f48495e6fa314563194333aef858db6fa4a6d3d5e19a11e0
d47ca76fa8719d4bf02a4a3bda62949c6556f54a5d52e4795b902e7b5a5f17e2
d4fbef821f302dedcda65778b1cc462affdc02fd826a6fc9162512d2a17a3d20
dad2ef1296d6fe38999933efbb6f24406bd33d0d7c0fa6558f30ac804187c6b6
dcc7885017e124e265f193b7854d69f7702c925f0410bf194ce173d83ca85aa3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e7ba341fbec7fa96dac5aef33e25a52a6e744282bba7c9d5d65de1b7e3a99e2a
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
ea9efc156ebc91bf2cfe71a8d27e4633dc1cf86bafe902d582b3aee00635f419
eb7c9303c1909cb61c459c12b535c69eb76ed3b08720c97a586e26b0b4ab8028
eb8a610a754c611f0c95c2111560fbabcbb0957faaf48337d06654ce59d16b20
eca297852ea4ff0a6f5dc726fb63d2f537834e003ef3be10aaac55d794735358
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ee3ff6adb1387d1930f9639157cc4cb49806265bdfd6049acf5cd73bbac83083
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbaa6c52ef8c7538080fbb51683cc0c6299251e6314a42186d51d7a4e67c86d
f17f143f0f7f159ad47c74f5b9868343ef7467e2fb2f56d76e8ead4d32028b2d
f1cda8a73a221c2395d99dd2b4888f98744674b9ea46603cf8b3663e53203466
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f60c81511352b14c637a546fbb9020479b48322f8c4aeffb1a6850db25dac6d8
f7a40621de140fea12b04805ebabffa3a27e4a2ad7860419f39f101fa4bf53b2
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5