urlscan.io logo urlscan.io
SecurityTrails logo

www.unian.pm Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mundowao.com/unia3686729
Effective URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Submission: On November 17 via manual from DZ — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 10 countries across 85 domains to perform 206 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.unian.pm.
TLS certificate: Issued by GTS CA 1P5 on October 13th 2023. Valid for: 3 months.
This is the only time www.unian.pm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 206.71.148.217 399629 (BLNWX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
19 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 104.22.61.153 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 195.137.240.24 29389 (ASN-UNIAN)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
3 45.133.44.3 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a0c:5c87:524... 55081 (24SHELLS)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 7 193.3.178.4 399668 (E-PLANNING-)
2 51.38.120.206 16276 (OVH)
1 67.202.105.23 32748 (STEADFAST)
2 2a01:4f8:262:... 24940 (HETZNER-AS)
3 184.30.16.195 16625 (AKAMAI-AS)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 11 23.227.146.18 55081 (24SHELLS)
1 216.52.2.39 30282 (AS-INAPCD...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 2 54.175.48.210 14618 (AMAZON-AES)
1 1 157.245.23.44 14061 (DIGITALOC...)
1 1 51.83.220.94 16276 (OVH)
8 9 37.252.172.123 29990 (ASN-APPNEX)
1 1 8.2.110.161 46636 (NATCOWEB)
1 1 145.40.97.67 54825 (PACKET)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 46.228.164.11 56396 (AMOBEE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 188.114.96.3 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
1 8.2.110.17 46636 (NATCOWEB)
1 193.3.178.2 399668 (E-PLANNING-)
1 1 34.194.65.1 14618 (AMAZON-AES)
1 52.58.37.65 16509 (AMAZON-02)
1 69.166.1.66 27630 (AS-XFERNET)
1 35.186.253.211 15169 (GOOGLE)
3 6 3.127.126.167 16509 (AMAZON-02)
2 2 104.122.39.115 16625 (AKAMAI-AS)
4 95.101.202.12 16625 (AKAMAI-AS)
2 5 172.64.151.101 13335 (CLOUDFLAR...)
1 205.234.175.175 30081 (CACHENETW...)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 5 142.250.185.98 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 37.157.2.229 198622 (ADFORM)
3 3.33.220.150 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 54.171.198.71 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.80 24961 (MYLOC-AS ...)
1 1 54.73.167.29 16509 (AMAZON-02)
2 2 3.71.149.231 16509 (AMAZON-02)
1 1 18.184.223.197 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 54.72.15.103 16509 (AMAZON-02)
1 167.235.114.248 24940 (HETZNER-AS)
2 2 151.101.2.49 54113 (FASTLY)
1 1 54.204.154.145 ()
1 2 67.220.228.201 16509 (AMAZON-02)
1 95.101.200.166 ()
1 1 54.171.200.20 ()
1 69.173.144.139 ()
1 1 2620:116:800d... ()
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.239.18.118 16509 (AMAZON-02)
2 3.248.115.153 16509 (AMAZON-02)
1 76.223.111.18 16509 (AMAZON-02)
2 2 34.224.175.55 14618 (AMAZON-AES)
1 178.250.1.9 ()
1 2 52.46.151.131 16509 (AMAZON-02)
2 2 3.125.12.15 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 63.251.232.170 32475 (SINGLEHOP...)
7 34.247.233.198 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
1 35.244.159.8 15169 (GOOGLE)
1 1 54.165.170.24 ()
1 1 54.146.239.191 ()
1 8.18.47.7 398989 (DEEPINTENT)
1 1 50.31.142.159 ()
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 185.86.138.151 201081 (SMARTADSE...)
2 2 37.157.3.20 198622 (ADFORM)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 69.173.144.138 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
206 74
1    206.71.148.217 (London, United Kingdom)

ASN399629 (BLNWX, US)
mundowao.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3035::6815:43cb (United States)

ASN13335 (CLOUDFLARENET, US)
ggspace.space
19    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.unian.pm
4    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    104.22.61.153 (None, )

ASN13335 (CLOUDFLARENET, US)
images.unian.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    195.137.240.24 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: counter.unian.net
counter.unian.net
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
7    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
sync.e-planning.net
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    2a01:4f8:262:3e06::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
s.console.adtarget.com.tr
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
11    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
2    54.175.48.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-48-210.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    157.245.23.44 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.adsinteractive.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
9    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
1    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdnstat.net
20    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    8.2.110.17 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    34.194.65.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-65-1.compute-1.amazonaws.com
ssp.disqus.com
1    52.58.37.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    3.127.126.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    104.122.39.115 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-39-115.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    95.101.202.12 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-202-12.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
13    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
www.googleadservices.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f601:31be:eaee:1d8c:9fe8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    54.171.198.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-198-71.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.80 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    54.73.167.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-167-29.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    18.184.223.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    54.72.15.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    167.235.114.248 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.248.114.235.167.clients.your-server.de
sync.richaudience.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.204.154.145 (None, )

ASN- ()
usermatch.krxd.net
2    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    95.101.200.166 (None, )

ASN- ()
tags.bluekai.com
1    54.171.200.20 (None, )

ASN- ()
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (None, )

ASN- ()
cms.quantserve.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    18.239.18.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-118.ams58.r.cloudfront.net
tags.crwdcntrl.net
2    3.248.115.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-115-153.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    34.224.175.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-175-55.compute-1.amazonaws.com
i.liadm.com
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    3.125.12.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-12-15.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2a05:d018:d29:3602:8101:fe84:3355:65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
7    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    54.165.170.24 (None, )

ASN- ()
sync.srv.stackadapt.com
1    54.146.239.191 (None, )

ASN- ()
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    50.31.142.159 (None, )

ASN- ()
b1sync.zemanta.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Apex Domain
Subdomains		 Transfer
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
258 KB
19 unian.pm
www.unian.pm
971 KB
18 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6758
ghb.adtelligent.com — Cisco Umbrella Rank: 5236
sync.adtelligent.com — Cisco Umbrella Rank: 3489
232 KB
13 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3274
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
4 KB
12 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
212 KB
9 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
usersync.gumgum.com — Cisco Umbrella Rank: 2098
3 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel.rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 458
29 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
6 KB
9 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2776
s.e-planning.net — Cisco Umbrella Rank: 5968
u-ams03.e-planning.net — Cisco Umbrella Rank: 39934
i.e-planning.net — Cisco Umbrella Rank: 5337
sync.e-planning.net — Cisco Umbrella Rank: 4647
3 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
5 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
4 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
18 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 unian.net
images.unian.net — Cisco Umbrella Rank: 272664
counter.unian.net — Cisco Umbrella Rank: 296641
89 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
78 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
3 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6862
685 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
306 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
usermatch.krxd.net
942 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
445 B
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3509
c1.adform.net — Cisco Umbrella Rank: 599
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
2 googleadservices.com
www.googleadservices.com
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
84 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
883 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
911 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
19 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27893
908 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 522
549 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2836
189 B
2 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 10155
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 53935
3 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
75 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
541 B
1 zemanta.com
b1sync.zemanta.com
286 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
581 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
282 B
1 criteo.com
dis.criteo.com
363 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
140 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
64 KB
1 quantserve.com
cms.quantserve.com
694 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
214 B
1 bluekai.com
tags.bluekai.com
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
375 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1324
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
527 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 25983
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7844
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13579
460 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 705
199 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
401 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
299 B
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3714
60 B
1 cdnstat.net
cdnstat.net — Cisco Umbrella Rank: 273955
695 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2189
1 unrulymedia.com
sync.targeting.unrulymedia.com
477 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
434 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
206 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6847
644 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 adsinteractive.com
sync.adsinteractive.com — Cisco Umbrella Rank: 12548
386 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 26427
349 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
277 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1337
295 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
7 KB
1 ggspace.space
ggspace.space
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1002 B
1 mundowao.com
mundowao.com
3 KB
0 socdm.com Failed
tg.socdm.com Failed
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 unian.ua Failed
www.unian.ua Failed
206 85
Domain Requested by
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
www.gstatic.com
tpc.googlesyndication.com
19 www.unian.pm www.unian.pm
11 mwzeom.zeotap.com spl.zeotap.com
11 sync.adtelligent.com 1 redirects player.adtelligent.com
ads.us.e-planning.net
8 ib.adnxs.com 7 redirects spl.zeotap.com
7 usersync.gumgum.com rtb.gumgum.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
www.googletagservices.com
6 x.bidswitch.net 3 redirects ads.us.e-planning.net
spl.zeotap.com
ssum.casalemedia.com
5 securepubads.g.doubleclick.net 1 redirects www.unian.pm
securepubads.g.doubleclick.net
4 www.gstatic.com 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
rtb.gumgum.com
4 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 ghb.adtelligent.com player.adtelligent.com
4 www.google.de www.unian.pm
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com www.unian.pm
www.googletagmanager.com
3 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
3 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
rtb.gumgum.com
3 cm.g.doubleclick.net 1 redirects spl.zeotap.com
rtb.gumgum.com
3 sync.1rx.io 3 redirects
3 ads.pubmatic.com player.adtelligent.com
ads.us.e-planning.net
rtb.gumgum.com
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
3 region1.analytics.google.com www.googletagmanager.com
3 images.unian.net www.unian.pm
2 www.googleadservices.com
2 s0.2mdn.net tpc.googlesyndication.com
2 token.rubiconproject.com eus.rubiconproject.com
2 creativecdn.com 2 redirects
2 c1.adform.net 2 redirects
2 pr-bh.ybp.yahoo.com ssum.casalemedia.com
rtb.gumgum.com
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 i.liadm.com 2 redirects
2 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 cookies.nextmillmedia.com 1 redirects
2 s.console.adtarget.com.tr player.adtelligent.com
s.console.adtarget.com.tr
2 onetag-sys.com player.adtelligent.com
ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects player.adtelligent.com
2 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google.com www.unian.pm
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 player.adtcdn.com www.unian.pm
2 counter.unian.net www.unian.pm
counter.unian.net
1 sync.e-planning.net rtb.gumgum.com
1 ssbsync.smartadserver.com rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 us-u.openx.net rtb.gumgum.com
1 dsp.nrich.ai 1 redirects
1 secure.adnxs.com 1 redirects
1 cm.adgrx.com ssum.casalemedia.com
1 dis.criteo.com ssum.casalemedia.com
1 eb2.3lift.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 www.googletagservices.com 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
1 cms.quantserve.com 1 redirects
1 pixel.rubiconproject.com spl.zeotap.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 bcp.crwdcntrl.net 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 i.e-planning.net ads.us.e-planning.net
1 rtb.openx.net ads.us.e-planning.net
1 sync.go.sonobi.com ads.us.e-planning.net
1 match.sharethrough.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 sync.admanmedia.com ads.us.e-planning.net
1 cdnstat.net www.unian.pm
1 vid.vidoomy.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 cm-x.mgid.com 1 redirects
1 a4p.adpartner.pro 1 redirects
1 sync.adsinteractive.com 1 redirects
1 t.trafmag.com
1 ap.lijit.com
1 hbx.media.net 1 redirects
1 ssc-cms.33across.com player.adtelligent.com
1 static.cloudflareinsights.com www.unian.pm
1 ggspace.space mundowao.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com mundowao.com
1 mundowao.com
0 tg.socdm.com Failed rtb.gumgum.com
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 www.unian.ua Failed www.unian.pm
206 113
Subject Issuer Validity Valid
mundowao.com
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ggspace.space
E1		 2023-10-03 -
2024-01-01		 3 months crt.sh
unian.pm
GTS CA 1P5		 2023-10-13 -
2024-01-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
unian.net
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
counter.unian.net
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
adtcdn.com
GTS CA 1P5		 2023-11-10 -
2024-02-08		 3 months crt.sh
player.adtelligent.com
R3		 2023-11-15 -
2024-02-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-09-20 -
2023-12-19		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
cdnstat.net
E1		 2023-11-16 -
2024-02-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-10-21 -
2024-01-19		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://www.unian.pm/politics/zima-budet-chernoj.php
Frame ID: 7C331B07C939603AB5B41AA79FDDDD7D
Requests: 81 HTTP requests in this frame

Frame: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EDA8E06A79D0173A7591D6F05CCA839B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 3900819A7135BACE79FAD86B774A27B3
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 9B627DD95430A35349E0F35FE475AF20
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 76E0BBE18E14C71ED676B4CCA02DBE78
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 8D7E2280DA6C50E08E61FE905212E3D0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: A843DDA89772FB782E01E27A0314BA6E
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Frame ID: D48E072EADD1FA1B281759DEC170EF0C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Def1ed76362059c90%26uid%3D
Frame ID: 478DE6EB3BA91CCD1DC9FD4F261E7BEB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 919F8A5D2C7261E20482CF2D68AFFA91
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Frame ID: 245A5FE2AF9893F4F0F4D28A0069FED3
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 9A23F17A56C84470AFF4E7072DF7CCAA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: A7777519BD297E53DA120DE8D904D93F
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 530F39E106A4CD2751C477AE05005EED
Requests: 33 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=none&refer=https://www.unian.pm/
Frame ID: 5A78ECE62571CD4F88D518FE27A400DE
Requests: 1 HTTP requests in this frame

Frame: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF60F59822E0F0478C028546BC7FD93B
Requests: 13 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Frame ID: 61946EFBF90979EC12F43E07508FB924
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: FA0616EE0AC72A0514CA336CD33605EE
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJMGDgAFUMeCk4H3
Frame ID: F57A3AFB6244B69336E915BAA02C8633
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5881321304175027784&gdpr=&gdpr_consent=
Frame ID: AE628E885D7ACFA0DBF1626B353285F4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yOTE3YmE0ZS1hOWJkLTQzMDctYmI4MC1lNTkxMzEwY2YxMGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: CE54516D5BA756D1DCC56B00C31F455F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F3F23FC122F54146EA6F50C10C96B4D7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: C4B41F79E76E425D15EE6B64169A29AB
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 07F1BD9E2FC660CCECBC2F665B94862C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=_25m5vfA8QdfrE_etgM9bIvkJYP6tQ5xjrzBKuJs8kg&pi=gumgum&tc=1
Frame ID: 03CDA7DA54434BD68519FEEAB2558ADE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D8F6BD88C2C55C543E50E516C036BF10
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Frame ID: 50DB7CBE4ADC009A311B4AAAD2A18745
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8782D8259DADDA4A464A56FDDFE2C6D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F02A5723D9E68FEFE57DE192E67B47FD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: D7E019424CF52610FCE7C59BBD1DAAFE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Зима буде чорною — УНІАН

Page URL History Show full URLs

  1. https://mundowao.com/unia3686729 Page URL
  2. https://www.unian.pm/politics/zima-budet-chernoj.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

206
Requests

79 %
HTTPS

27 %
IPv6

85
Domains

113
Subdomains

74
IPs

10
Countries

2421 kB
Transfer

6016 kB
Size

80
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mundowao.com/unia3686729 Page URL
  2. https://www.unian.pm/politics/zima-budet-chernoj.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 70
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Request Chain 72
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=33a85b19048a4266
Request Chain 74
  • https://sync.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D HTTP 308
  • https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-fHf3EWd8zoaYsDmStyvVZ2AHUc5O8xQat2tNXrwy&gpp={gpp}&gpp_sid={gpp_sid}
Request Chain 75
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=143b3229-bd71-4cec-9559-4e8e60bea29b
Request Chain 76
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6465034710266543481
Request Chain 77
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ccpa%3D%7Bus_privacy%7D%26coppa%3D%7Bcoppa%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=8b258337-91cd-4fed-9b56-e1aca4e7b785&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}
Request Chain 78
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1541475896715551487
Request Chain 79
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D751004%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7396950277667648747
Request Chain 80
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
Request Chain 81
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1700261557775 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=594465607 HTTP 302
  • https://sync.1rx.io/usersync/turn/8228793670383708130?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-e2b46730-6913-4ab6-87fe-cbf500869f60-003 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003
Request Chain 87
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Def1ed76362059c90%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=ef1ed76362059c90&uid=7396950277667648747
Request Chain 88
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Def1ed76362059c90%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=ef1ed76362059c90&uid=ua-af4d7199-589f-3ed2-bd7a-0f05ec3e2ac5
Request Chain 92
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Def1ed76362059c90 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ef1ed76362059c90
Request Chain 95
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 96
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Request Chain 105
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7b493b5e-0b69-4b30-9a90-7d3887c9700d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 112
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=20564090378348313300107039783307670235&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 115
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7302567781984041111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 116
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32
Request Chain 117
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361&bounce=1&random=3223845917 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=xyai4Nel49qxjMPq/MWNve&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 119
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 120
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-eGgd29ZE2orYk5MJBbqEPJI8fwuMrfLE3g--~A&zpartnerid=570&env=mWeb
Request Chain 121
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1iIxRWcmH0MNy4%2Flistdtux%2BS41iYitP1U%3D
Request Chain 125
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361&_test=ZVfutgAAaKwpLgBd HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVfutgAAaKwpLgBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 126
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 127
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361&dcc=t
Request Chain 129
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 133
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y4hT-5jYBPrQhFCvxYpL-8SJVfXQ2Vf0yI0GU54V&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Request Chain 148
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVfutczLabQ3Ow7IQ.MiGQAA%263242&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVfutczLabQ3Ow7IQ.MiGQAA%263242&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f1594f41aa144ac1902eb10dca43ffea HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 150
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVfutczLabQ3Ow7IQ.MiGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKR7ptteF1VYxpLU5LOSaKc&google_cver=1&google_hm=2
Request Chain 151
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 152
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6LzoYQrN1R47Hw5
Request Chain 157
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7396950277667648747
Request Chain 158
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2917ba4e-a9bd-4307-bb80-e591310cf10b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2917ba4e-a9bd-4307-bb80-e591310cf10b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=f3f481fa-49d2-413f-b75d-754fa435e152&expires=1&user_group=2&ssp=gumgum2&bsw_param=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&us_privacy=
Request Chain 160
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f71074a5-c834-5aab-49ac-3ed2f9861b46$ip$82.199.130.43
Request Chain 162
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=84a4fd5e-3950-49c7-a2d7-7479fd41a216
Request Chain 164
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2917ba4e-a9bd-4307-bb80-e591310cf10b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 165
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=n3XKjQeSIJkp&ev=1&pid=558355
Request Chain 169
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5881321304175027784&gdpr=&gdpr_consent=
Request Chain 174
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=_25m5vfA8QdfrE_etgM9bIvkJYP6tQ5xjrzBKuJs8kg&pi=gumgum&tc=1
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 192
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CPVYBte5XZaWKGqC_juwPv9aGmAv2r6yjdKCMwoq3EtrZHhABIP3_hSNglQKgAaq7kvECyAEJqQIdK7wseJpdPuACAKgDAcgDSKoE3wJP0HMGS-r2CyUnjrkFgTMIMDqL6H0kcpTp3gAXBd7zu9ld4PS_z4EViu213jFo-7e0aRW6wdOSXKXTlToyqrBXVlfxrFa0k4WI2sCirlwZk2Qqd3Xu_N4qANTdFQa9xUwhPdU_sMkoaBUzXRUxzxEJbV11qMpILqcbHSqUoTsqDWs572HuU4HcdHNGXA0bjom-6uQSKwU6PqJze0uXbTr5SN6O-QPriAWjQJdOCTCVK9qCDU86RpJKzGyo-UulnW0VkHaUoarYrPycNmQOD9N1dbmAX4ahgH5oG2kw_6hiISi65c9tQjUgfs8H2W0kKXoLmDV_vgV2bUG9raJiLjBNYw7qn1VedpIYh1RRMRkaSoUqvXqgrgzKbeQ7Jnn2nTdU3bn5RBvftwxAI5GCwR9SlqGnEprjtC8YUXTQOtyU22JRsikXSNnVrn9y0z1upbo8qgeNnRwVneFwJj8ycmTABNze8LLHBOAEAYgFsqS-q02gBi6AB77E7Y4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ8qsG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJhQFodHRwczovL3d3dy5zYW1zdW5nLmNvbS91YS9vZmZlci9ibGFjay1mcmlkYXkvMjAyMy10ZWFzZXIvP2NpZD11YV9wZF9kaXNwbGF5X2dkbl90dl9ub25lXzEwOTkzX2F2X2JsYWNrLWZyaWRheV9ub3ZfYmFubmVyX2Rpc3BsYXlfZ2RugAoDyAsBogwQKg4KDOS0sQLutbECtbixAuINEwj6oZ7xj8yCAxWgn4MHHT-rAbPYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjAyODY0Mzk0NjQ2MTczNRjV2xY&sigh=sb1H4XIOx68&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNPmo56km7HRZ_D6xtL7l1E9abUDcbvy3Aaghwc-WCSvS9IQxi-vUDhxhJgUvXgD_BR1NEsTfRJJ3-osDlSqFoemQz4ppkK6BuA74YAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227713798152078278584%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22774151594%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211030646994621079809%22}&andc=true

206 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
unia3686729
mundowao.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mundowao.com/unia3686729
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.71.148.217 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.22.1 / Express
Resource Hash
dafd18ea318022295bb52118f790773eba3dca6b84d71fc02a0974ce972fcba2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
CF-Cache-Status
DYNAMIC
CF-RAY
827b8b77fa25772f-LHR
Connection
keep-alive
Content-Encoding
gzip
Date
Fri, 17 Nov 2023 22:52:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC5bebBRwp3nn6DOqbTjX%2FB%2Bcw6rshQxOIcMtvF8iO5fWGRNqSQcx2as6E9L6kTroONj9ziMvDu4lpZY3Et8YSlIp7QGk9cLUTSqMccWfbm05bN41dadzyFs9A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.22.1
Transfer-Encoding
chunked
Vary
Origin
X-Powered-By
Express
css2
fonts.googleapis.com/ 		4 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: mundowao.com
URL: https://mundowao.com/unia3686729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mundowao.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 22:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 22:41:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 22:52:34 GMT
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
446a17d391ce78c84be8e8dd9fcf0280f8e5c22d482bd78bf2435e7c76c62a3c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
text/javascript
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mundowao.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:41:35 GMT
x-content-type-options
nosniff
age
263459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 21:41:35 GMT
UA-16-11_unian_-2
ggspace.space/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ggspace.space/UA-16-11_unian_-2?return=js.client&&se_referrer=&default_keyword=however%2C%20pandas%20have&landing_url=mundowao.com%2Funia3686729&name=_bQKNWb7hyCXSDKB5&host=https%3A%2F%2Fggspace.space%2FUA-16-11_unian_-2
Requested by
Host: mundowao.com
URL: https://mundowao.com/unia3686729
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:43cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d18f21b7d7fc001a1dc81a1fe1c277959a0373238c3806aa8a0e8ef1b8b108

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://mundowao.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZXAxU19v8sLmHuarJfSdYi5tc4m%2BUSSUSr34DnQehiv1PQyO%2B3GsrjmQlv%2Bz6z%2F0PVE7xcVWM2sed2MGAzhoXYApmto2RLmK3Puu85WeOgokloPcop5q%2B52QW0MqeaRGcC5WunS95HMvlPW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
827b8b7d6f7960f9-LHR
alt-svc
h3=":443"; ma=86400
expires
Fri, 17 Nov 2023 22:52:34 GMT
Primary Request zima-budet-chernoj.php
www.unian.pm/politics/ 		173 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
18b35dff91304f75c6dd679ebd082bcb67f169f3364e381a7034948c7e530448

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
827b8b7f4e5124ec-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 22:52:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TObY3fVAGfjM%2Bfkr9HH1AQ3Vyk1EpW18mqKbNIYc9j1wXBrfAFHLoXlQCK3nPUOXSK6CGdYcxIK9A5PVvw2lO6FnHg5xSMIqKJPBUW537HDpXrKssNR3%2FCfQHbQCQ2zizQCDJjugc8HG0ho%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
Inter-Regular.woff
www.unian.ua/build/assets/fonts/Inter/ 		0
0
Inter-Medium.woff
www.unian.ua/build/assets/fonts/Inter/ 		0
0
Inter-SemiBold.woff
www.unian.ua/build/assets/fonts/Inter/ 		0
0
Inter-Bold.woff
www.unian.ua/build/assets/fonts/Inter/ 		0
0
FpM0Skyg3vez.css
www.unian.pm/politics/css/ 		183 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cfcec1eac83e9280c7b5974678eb98449f412217e465c4a09a2de6b67ccc2f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65295f02-2daf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAaRr3PoLBpbwwdiSTc0ZrCq4L9JzR8tUAm1nXlVs%2FquNMA5p74UeBMbNY3iq0SKeezyIDbXpJsj8NvwdTAyv44KLKQz0xpuV2xuYlt3KKnqyfGFTOrJQP13CR6c5bQopP%2F9SUayo5ivFeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
827b8b82db4c24ec-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		293 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-238PLP1PQZ
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d083520173ee5d08aa66c3b31699ba474ec475f6ab37fd6d326388e32e98686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97180
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 22:52:35 GMT
Xon1Im2YHakS.svg
www.unian.pm/politics/fonts/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/politics/fonts/Xon1Im2YHakS.svg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f800d3c114ade646cd964cc285934a07c7673db905f93bf733dd8e284cecb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
507899
etag
W/"65295f02-9a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tlzrt6akXNg7A5po5mn466P%2BoO5y0RtY9rRHLbFbT5Vp2RmCdH7Z77IROou8y5QOKiuIALQCOP8oPoHWweH3bXN1OnkLW9SoztIYzpx%2BYG2XPEPQUE81u2edhY1YsFxJyGUZcPIqgZEc5gY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
827b8b85cfd563d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
1627.jpg
www.unian.pm/img/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/img/1627.jpg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6adeb96c9545bcfd7798c185bb3bc9ecab6926ec5de00cd5363eea1b2677fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93936
alt-svc
h3=":443"; ma=86400
content-length
46016
last-modified
Wed, 15 Nov 2023 20:23:06 GMT
server
cloudflare
etag
"655528aa-b3c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfOUcQ%2B2Fgx3ojSbA3BF1630tnKusEsSgzAM2TBnUqlFamBaTa%2F15ptkAU0%2FgLGwkAwp8EoU%2BtUlpUASxrw63bRCWbmLQh4fLLyPchqykvDKTwtQSkArj4V5v3zDhiPg9KvHb5P53RgWHSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b82db4d24ec-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
96nKMhVIy4BV.svg
www.unian.pm/politics/fonts/ 		947 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/politics/fonts/96nKMhVIy4BV.svg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
706744
etag
W/"65295f02-3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwLZJnb6%2FicgTkDYI2Py24a0vtM6HUUVosb2nBGcT%2Bi%2FffMgQJfjS6vQlAi3VD1WIs%2BjSIHohkuim8ntKR1BO3n%2BQWhg08cjfPMZO4mfGckadK%2FP89wNoaIrUacHF2H%2F9tlyR63sOq2m8Jo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
827b8b842e2c63d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
EIYBp5Kp5zJS.css
www.unian.pm/politics/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/css/EIYBp5Kp5zJS.css
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6a9dc715c06e6dac706144dce80376ff5557087f4879ec15c68f7a775e4816

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263362
etag
W/"65295f02-c72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAdgdfMH60W8E5%2BkXRUXjDjDuEuRTl8VAemIjzCLYNU%2B0XJXytCHjgHhzEDeiZnSiLfgbFH6h2pkz2ZCBJe5pGxOLtQnkKA805qtNzc08OTsxlCXN4Zr91N4MQQxSWMAaqbv6KVi3R3glSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
827b8b842e3463d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
UPAPCypskf95.js
www.unian.pm/politics/js/ 		183 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/js/UPAPCypskf95.js
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7927a2fb0fabb41eaafa5410a21e8cad5477c60d36b21e566f55d17459492ff9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263361
etag
W/"65295f02-2db82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2F04g5BCVLHRQh8dVwHdnRHq19YMEPYTO0a3tOamXWHzSCIDwBfqAxQPrWB5WFieNlZ7wSuyxKyzgHJqmtJddlXCBvWc%2BcRi%2Bvj6zGZ%2BRt9g0Moky1HkxCF%2BIN%2BJP4qrump8VXIBV659i6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
827b8b848ea263d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
ETZ6JaNHyN6X.js
www.unian.pm/politics/js/ 		300 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/js/ETZ6JaNHyN6X.js
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab52489626b4e4e2a33171ba637eed4e172cae347378a9a2c5ca389a65a70c4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/zima-budet-chernoj.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263361
etag
W/"65295f02-4ae5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X44p%2Fd4Q3Z9e3lPvkIhhmsYm%2Fgi6CNz6fke%2BlFm%2BBNYwrwwMWJZiSOZKcIYmtdokB1g%2FK1jKgHna1WYgIbSEicNICXqEdXHEtfDRDvKY0ip%2BOhl4OIhyy3ozdTGrEaUOuL5buB7N44SVVrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
827b8b848ea763d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer
https://www.unian.pm/
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.7.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
827b8b86bbbe8885-LHR
gtm.js
www.googletagmanager.com/ 		178 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56LPBQP
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64a041825d55e90e4dd040673c9633e258968b33d56fcd524a536332c7ae533e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65456
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 22:52:36 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
ejsGPRaQ3WwZ.svg
www.unian.pm/politics/fonts/ 		347 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/politics/fonts/ejsGPRaQ3WwZ.svg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5363e5efdd6b816fce8ea9e7d221960529575fa79fc5f94459f6156ef48c4354

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
427787
etag
W/"65295f02-15b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnJUfwcVjKr%2FlSAVM6%2BxzgY1zkIBy3buXn%2BEphN6Xn4nef9I6vTP76aJUl9KoVAdh1DeQnJKERQYhFl09%2BzHzol%2BKVJR0bejS9ZpCX3N3B8WZwVLd8lpHAENQBoDsTNQ3yjAscNTrjZN2SI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
827b8b87d9f863d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
rzlHeAFzGIWd.svg
www.unian.pm/politics/fonts/ 		437 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/politics/fonts/rzlHeAFzGIWd.svg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbea9cb83aaedddf07f9d67081705f875ab13970f54db7c67faa15256974a1b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
427787
etag
W/"65295f02-1b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgZCtQZGtPw5rG%2FE884xpgo29xs1HV%2BTMj%2ByDHVL96gBPSzPXSEYlW49cak9WztyWGzy%2BDMeL5ynAltiuMHG4Ovc8wvLZEi0Gr0gaJ4Zild4QX%2Ba2gj6Oe8mEPR5HS42u7nLgSo%2F%2F2aoFwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
827b8b87d9fb63d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
NB19lw608eIk.png
www.unian.pm/politics/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/politics/images/NB19lw608eIk.png
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760100b1b6b1f7c6f11fe8dfad6470ec848d07d1ae1504b748bbb64325eff31b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263361
alt-svc
h3=":443"; ma=86400
content-length
8830
last-modified
Fri, 13 Oct 2023 15:15:15 GMT
server
cloudflare
etag
"65295f03-227e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajBVweACAyVb7WKxjS1mn0dawSv7s8mFq6pK33voBCBJMOdGCOB6QmgGQizg7UItraBW5ARYNVkh7BDqAzbr2o8ZG83cDdVz6raCpDSh7cKOjaRSUDb%2B%2BLjBRZBc7D%2Fun%2FGNq%2BC6sexcwys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87d9fc63d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
zzKc7n73BQ3n.svg
www.unian.pm/politics/fonts/ 		182 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.unian.pm/politics/fonts/zzKc7n73BQ3n.svg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8936c3f974d5a9641fb3579790de81487b342ebd4419d032e6cdc4f05ea310b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
263361
etag
W/"65295f02-b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZgX%2BmVdetiu8304FBnq4wic2MsSw%2BtyOVowzw%2BlnJ7oFYQEJNBumJ6RNNAg1EmRIFHtwYJYXH2vO%2Fk5qhSYQriHCNWRhNRRkW77DFvOacwZrWhYHCBKeZzJl8zlymsYcGm9X5oyL7jN6do%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
827b8b87d9fd63d5-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
5bWRNTQxGnpY.woff
www.unian.pm/politics/fonts/ 		145 KB
146 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/5bWRNTQxGnpY.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6574b372f3cbbddc9af0a2f40c8be7b91a50494b59c1c8d6a47ed2da9b03a318

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507824
alt-svc
h3=":443"; ma=86400
content-length
148836
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-24564"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQGEqZ53gyK%2Be%2BE6TR3zMQsQyhZHGRDFrKPoaITXy4spWABwW%2FuCXIP8N22hCST6STTIRP%2BNz0xtHYLHdh8hZsRPjJKnR3NnnFSJK2wAbu%2B6mY4rQufpF%2BNqPPBi50iCxDhyNmg8GqS05a8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87ea0363d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
IKr4y4gD4gbL.woff
www.unian.pm/politics/fonts/ 		144 KB
144 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/IKr4y4gD4gbL.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728ef848efe5186f1ac228e701c3ebac4c26db1a247da640684596c01b386e90

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109167
alt-svc
h3=":443"; ma=86400
content-length
147368
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-23fa8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24adNOU7EFHPBr6obPmLGtLyQOxe5Q9xoCCq2GYpAFXwIrQVECnYdoIzd%2Frh4o0PnexttlWXn%2FNd3%2BEYthANGr6WDe8ryTfJSu6a0RAVOHVfgk36FCgUgAdNmbGcEHRb0bKKpLyia3TBc0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87ea0763d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
hpVuxyIvWCgc.woff
www.unian.pm/politics/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/hpVuxyIvWCgc.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507824
alt-svc
h3=":443"; ma=86400
content-length
98024
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-17ee8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOzP5NdT24y%2BWvQzZdv5g%2Bc5WMfjjFRHUTh6X0C9iuZ1A%2FR%2Fn4RW4cqgU0cNzaGHwKQW0zDgl8ULtpBbVMM9VYkQPH5bunoHKma2WZDxKLtV1jwRF6XPJYN8uzmrCrH9sVFo3MMulgRQO%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87ea0a63d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
LRiJScGpeYoJ.woff
www.unian.pm/politics/fonts/ 		136 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/LRiJScGpeYoJ.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d31045bb8a4879a41901666a092e6a6f8da33c188dbe504ee4aa6443df2c40

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109167
alt-svc
h3=":443"; ma=86400
content-length
139044
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-21f24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odOa%2FwqbpJnR5fqfJzdJ5wScdzH0yp8OB4ZruQt9F%2B0INpf14tZ9oHZ69qb4dL%2BLUu214TZWup0Mh3tBMg99yB2moaDmIXsSidzl6j8dr3crSy0wOJnHMNdRLQnd9jOAd%2B99EHkajPxYYi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87ea0d63d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
aVRWHpsA9NDG.woff
www.unian.pm/politics/fonts/ 		145 KB
146 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/aVRWHpsA9NDG.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a083402efeda73bd3f9cbd4d69d11c721d879ff6ff99e44b24d1d13064c741

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507824
alt-svc
h3=":443"; ma=86400
content-length
148504
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-24418"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xs%2Br2BzVGOkXBBQpDgue2zkmUhlkjk5u9syTkZZnTC9x3hWuK5L9JgFSzQHFHwYejZLyCqB8EkhunM41PEiZlmDZ9S2s9hURvyJuOoVtnhDlCAPFqGQ3ISmSGTZ2aqSg3eTm7PPpvbNFxfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87ea0f63d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
I2mTFrCTayWj.woff
www.unian.pm/politics/fonts/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/I2mTFrCTayWj.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b1f4b9f20caeb834a4131d0b100e53f258fe81b8ac5367798f22bbb7869bfa

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507824
alt-svc
h3=":443"; ma=86400
content-length
5588
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-15d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqzJWh9kOp1MIJAp%2BiwCQ6ANfur%2BbljY69y6XZXFBYWLhE3PImzBMP0%2FKUpAgL1RErmD1h4VMX6fQONCOf1gstZDqhIqnfbCkmL2OoFMBp%2FnkfzaVER0bnfh5YkTQHVRwwoqkbwaOTy3gNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b87ea1163d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
370_250_1581697907-1098.jpg
images.unian.net/photos/2020_02/thumb_files/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unian.net/photos/2020_02/thumb_files/370_250_1581697907-1098.jpg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.61.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7846b302e5d49fd0011306c39184a092324490bdd7cc9f82a903a70ed2c3133
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
cf-polished
degrade=85, origSize=23560, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
22655
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Feb 2020 16:31:51 GMT
server
cloudflare
etag
"8e9e8accbff55caca006eb68f1e1d7a8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b891d49dd68-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
370_250_1689068901-3642.jpg
images.unian.net/photos/2023_07/thumb_files/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unian.net/photos/2023_07/thumb_files/370_250_1689068901-3642.jpg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.61.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbd0ff2fb438a86b8a4e951c46d36cb45930687b0dcbca9e95bab21f1114b61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
cf-polished
degrade=85, origSize=23547, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
22198
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 09:48:26 GMT
server
cloudflare
etag
"809d04cdd87a66371af86db03a7bd680"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b891d4bdd68-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
370_250_1689064002-6515.jpg
images.unian.net/photos/2023_07/thumb_files/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unian.net/photos/2023_07/thumb_files/370_250_1689064002-6515.jpg
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.61.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a148f94c7433e8e01eda92379e94205023804368bdf0f305fb239631b7ac6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
strict-transport-security
max-age=15552000
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=21229
content-disposition
inline; filename="370_250_1689064002-6515.webp"
alt-svc
h3=":443"; ma=86400
content-length
19810
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 08:26:46 GMT
server
cloudflare
etag
"712fb6cdacb3f79e62c8f452818b849b"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b891d4ddd68-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-238PLP1PQZ&gtm=45je3b81v878123379&_p=1700261556428&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1626409700.1700261557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700261556&sct=1&seg=0&dl=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&dt=%D0%97%D0%B8%D0%BC%D0%B0%20%D0%B1%D1%83%D0%B4%D0%B5%20%D1%87%D0%BE%D1%80%D0%BD%D0%BE%D1%8E%20%E2%80%94%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1631
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-238PLP1PQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-238PLP1PQZ&cid=1626409700.1700261557&gtm=45je3b81v878123379&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-238PLP1PQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P6EEJX21DY&gtm=45je3b81v878123379&_p=1700261556428&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1626409700.1700261557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700261556&sct=1&seg=0&dl=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&dt=%D0%97%D0%B8%D0%BC%D0%B0%20%D0%B1%D1%83%D0%B4%D0%B5%20%D1%87%D0%BE%D1%80%D0%BD%D0%BE%D1%8E%20%E2%80%94%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1636
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-238PLP1PQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P6EEJX21DY&cid=1626409700.1700261557&gtm=45je3b81v878123379&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-238PLP1PQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-32196466-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-238PLP1PQZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64cdf7dffce31831122aa6d04e86c6c90ab233a9210575a0266d4f7432bfc581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68776
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 22:52:36 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-238PLP1PQZ&cid=1626409700.1700261557&gtm=45je3b81v878123379&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1499079372
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P6EEJX21DY&cid=1626409700.1700261557&gtm=45je3b81v878123379&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=930411805
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
matomo.js
counter.unian.net/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.unian.net/matomo.js
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.137.240.24 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
counter.unian.net
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
gzip
referrer-policy
origin
x-content-type-options
nosniff
last-modified
Wed, 02 Aug 2023 08:39:57 GMT
server
nginx
etag
W/"64ca165d-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 22:52:36 GMT
27qjrH9v8aFz.woff
www.unian.pm/politics/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.unian.pm/politics/fonts/27qjrH9v8aFz.woff
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1022331ae86fd1238c175b3beb5d01d5a2338464a0d0625ad5fc08b32472309e

Request headers

Referer
https://www.unian.pm/politics/css/FpM0Skyg3vez.css
Origin
https://www.unian.pm
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263359
alt-svc
h3=":443"; ma=86400
content-length
19184
last-modified
Fri, 13 Oct 2023 15:15:14 GMT
server
cloudflare
etag
"65295f02-4af0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nz2DrK5w8ijMKAN8H404PLYBFBzqoRTFZ4yPQNDiSNSdbZOJXYXO7Sv8s1zzdrYG5OVuDeqky%2Bc1NuFtg4bhCn9cj%2BOy1y70UbiNz4Gf0SVGIQhIfpfv4y4X9ymKI1JwiP77Jl%2B%2Bx8PnK2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
827b8b88aae263d5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
hb_298309_4142.js
player.adtcdn.com/prebidlink/472294/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/472294/hb_298309_4142.js
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/js/ETZ6JaNHyN6X.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d192d8283724bae1808b9bbe85469aca292d935607ba89c733ed7885b4eebbb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 13:43:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
192
etag
W/"65576dfb-602"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Td3plYCH5ezswmaUiwUzw3xppl%2FGF6FZ3vSIXAHTn%2BNeS4MVQamf2sA4pOoJWmOY%2B4CdjDl7qIqkVFOrp0Opv9OQApdZArrPRSEvu2SikPJmr4bfXmgi4efFBk9Crb7Pe4zPCQZS%2BIOT%2B5nTPZQkLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
827b8b8a2de16549-LHR
alt-svc
h3=":443"; ma=86400
expires
Fri, 17 Nov 2023 23:04:24 GMT
wrapper_hb_298309_4142.js
player.adtcdn.com/prebidlink/472294/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/472294/wrapper_hb_298309_4142.js
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/js/ETZ6JaNHyN6X.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141d4d75975de3ebe0cdee4819a857803301193c7db5908432070768e53b6f98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 13:43:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
192
etag
W/"65576dfb-9fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B2YBndF3AdPov3F6uKXOG5c1ADHzhO8pGrgxQAbPOqNPahB0K1I%2Fqwd%2BclxwQuK8lDwNUiZFhBKMgral3A8JGucOV%2B%2FvCivXfYv47Xen6jC3AS0ONA%2FwcjTNoT2PpgET1sjdMPB%2FO6l%2B%2Bi7wHcJYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
827b8b8a2de06549-LHR
alt-svc
h3=":443"; ma=86400
expires
Fri, 17 Nov 2023 23:04:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/js/ETZ6JaNHyN6X.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98a2c82b50564219cec6802f7466aa41f912dd9e67209011ddeac90c2be1ff78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31364
x-xss-protection
0
server
cafe
etag
880 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:52:36 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LQ29S76Q16&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32196466-2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26a7a5db2bf54b772772ef0ae3d4923a732bbed34dd33671f215de0793b2f1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 22:52:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32196466-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 21:49:40 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3776
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 17 Nov 2023 23:49:40 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LQ29S76Q16&gtm=45je3b81v9136855483&_p=1700261556428&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1626409700.1700261557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700261556&sct=1&seg=0&dl=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&dt=%D0%97%D0%B8%D0%BC%D0%B0%20%D0%B1%D1%83%D0%B4%D0%B5%20%D1%87%D0%BE%D1%80%D0%BD%D0%BE%D1%8E%20%E2%80%94%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&en=page_view&_fv=1&_ss=1&tfd=1920
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ29S76Q16&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQ29S76Q16&cid=1626409700.1700261557&gtm=45je3b81v9136855483&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ29S76Q16&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQ29S76Q16&cid=1626409700.1700261557&gtm=45je3b81v9136855483&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=677705467
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbp_master_298309_4142.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 		475 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_298309_4142.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472294/hb_298309_4142.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0ca8f5b94346c3f37d7c138e9a138e95eb48d06033c8e94567873887e2914758

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 22:52:36 GMT
date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 17:02:26 GMT
server
nginx
etag
W/"6553a822-76a58"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_298309_4142.js
player.adtelligent.com/prebidlink/L5lfN/ 		675 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/472294/wrapper_hb_298309_4142.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1a4d553d96248a43d4eb8bee0b2bc30bbd66b3d3f177dbdee2adc75e406367ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 22:52:36 GMT
date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 13:43:23 GMT
server
nginx
etag
W/"65576dfb-a8ca7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127133161&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&ul=en-us&de=UTF-8&dt=%D0%97%D0%B8%D0%BC%D0%B0%20%D0%B1%D1%83%D0%B4%D0%B5%20%D1%87%D0%BE%D1%80%D0%BD%D0%BE%D1%8E%20%E2%80%94%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=194014116&gjid=881456497&cid=1626409700.1700261557&tid=UA-32196466-2&_gid=1525737847.1700261557&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1897350093
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.unian.pm/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
matomo.php
counter.unian.net/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.unian.net/matomo.php?action_name=www.unian.pm%2F%D0%97%D0%B8%D0%BC%D0%B0%20%D0%B1%D1%83%D0%B4%D0%B5%20%D1%87%D0%BE%D1%80%D0%BD%D0%BE%D1%8E%20%E2%80%94%20%D0%A3%D0%9D%D0%86%D0%90%D0%9D&idsite=7&rec=1&r=481978&h=22&m=52&s=36&url=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&_id=8c94b92b1909a286&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=zlonDe&pf_net=139&pf_srv=557&pf_tfr=225&pf_dm1=960&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: counter.unian.net
URL: https://counter.unian.net/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.137.240.24 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS
counter.unian.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.unian.pm/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Fri, 17 Nov 2023 22:52:36 GMT
content-encoding
none
referrer-policy
origin
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
https://www.unian.pm
access-control-allow-credentials
true
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32196466-2&cid=1626409700.1700261557&jid=194014116&gjid=881456497&_gid=1525737847.1700261557&_u=YADAAUAAAAAAACAAI~&z=1878156705
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.unian.pm/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 17 Nov 2023 22:52:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 10:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
43111
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 10:54:06 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32196466-2&cid=1626409700.1700261557&jid=194014116&_u=YADAAUAAAAAAACAAI~&z=65213873
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32196466-2&cid=1626409700.1700261557&jid=194014116&_u=YADAAUAAAAAAACAAI~&z=65213873
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.adtelligent.com/geo/ 		134 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
549c4110ac74fbc6998525980ca52455ce85f2e7ffa817de1f9f0e7cd346d07f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.unian.pm
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
134
tracking
ghb.adtelligent.com/adunit/ 		43 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4142&full_page_url=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&adid=37txul.5x&features=81952&vpbv=N199&lifecycle_tte=2245
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.unian.pm
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
config.json
player.adtelligent.com/exchange_rates/298308/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_298309_4142.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9f539a4d1ca5c8396bad8d5eaac186b91c5d086c4b3e6262da974aa9579a2782

Request headers

Referer
https://www.unian.pm/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 18 Nov 2023 22:52:37 GMT
date
Fri, 17 Nov 2023 22:52:37 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 12:02:42 GMT
server
nginx
etag
W/"65575662-1176"
content-type
application/json
access-control-allow-origin
https://www.unian.pm
cache-control
max-age=86400
x-proxy-cache
HIT
ads
securepubads.g.doubleclick.net/gampad/ 		140 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4397503710811414&correlator=1457106679786985&eid=31079672%2C31079674%2C31079239%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=82479101%2CDisplay_Unian.ua%2CDisplay_Unian.ua_300x600_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700261557360&lmt=1700261557&adxs=1138&adys=577&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.unian.pm%2Fpolitics%2Fzima-budet-chernoj.php&vis=1&psz=304x-1&msz=304x-1&fws=4&ohw=304&ga_vid=1626409700.1700261557&ga_sid=1700261557&ga_hid=127133161&ga_fc=true&dlt=1700261555625&idt=1551&prev_scp=PageType_Unian%3Dwww%26PageRubric_Unian%3Dsociety%26PageSubRubric_Unian%3Dempty%26PageRegion_Unian%3Dempty%26hb_rfBid%3D0%26hb_div_id%3Dbanner-ad-1%26excl_cat%3DPREPOST&adks=3007306932&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e13647bbf338c833e09542cb30f7933acd0773da676db6148be95ba2ca9aa3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45686
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.unian.pm
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d85fa8f2daa47e3ce90efb3cd812baa2c5d1b01d7300cabdccc373747ae5876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12415
x-xss-protection
0
container.html
104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDA8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
Sat, 16 Nov 2024 22:52:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csyncs
ghb.adtelligent.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=437390&aid2=852559
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
23427265e480b907f734cb895dc310e5df6da056639b3b307cd5afb8ddfd8778

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.unian.pm
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1003
/
ads.us.e-planning.net/uspd/1/ Frame 3900
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b4381f57a97774e03d46851fef1828ecbdeb09354d41fc18ab5b901b419be2fa

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
Fri, 17 Nov 2023 22:52:37 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 17 Nov 2023 22:52:37 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-919
/
onetag-sys.com/usync/ Frame 9B62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 76E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
server
33XP020
x-33x-status
2000208
sync.html
s.console.adtarget.com.tr/ Frame 8D7E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:262:3e06::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.unian.pm
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
980
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 22:52:36 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A843 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37659
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
Sat, 18 Nov 2023 09:20:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame D48E
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 22:52:36 GMT
Etag
33a85b19048a4266
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
Fri, 17 Nov 2023 22:52:37 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 22:52:37 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=33a85b19048a4266
35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=33a85b19048a4266
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 17 Nov 2023 22:52:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=33a85b19048a4266
Date
Fri, 17 Nov 2023 22:52:36 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
0
sync
cookies.nextmillmedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.48.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-48-210.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
csync
sync.adtelligent.com/
Redirect Chain
  • https://sync.adsinteractive.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D750634%26extuid%3D%24AUID%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-fHf3EWd8zoaYsDmStyvVZ2AHUc5O8xQat2tNXrwy&gpp={gpp}&gpp_sid={gpp_sid}
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-fHf3EWd8zoaYsDmStyvVZ2AHUc5O8xQat2tNXrwy&gpp={gpp}&gpp_sid={gpp_sid}
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=750634&extuid=adsint-fHf3EWd8zoaYsDmStyvVZ2AHUc5O8xQat2tNXrwy&gpp={gpp}&gpp_sid={gpp_sid}
access-control-allow-origin
date
Fri, 17 Nov 2023 22:52:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
183
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=143b3229-bd71-4cec-9559-4e8e60bea29b
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=143b3229-bd71-4cec-9559-4e8e60bea29b
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=143b3229-bd71-4cec-9559-4e8e60bea29b
date
Fri, 17 Nov 2023 22:52:37 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6465034710266543481
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6465034710266543481
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
an-x-request-uuid
84869abf-28e8-48b1-8ef3-ef39e8cd1da0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=6465034710266543481
x-proxy-origin
82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://cm-x.mgid.com/7d2fea400064b22652273d22c2e07bad.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D753378%26extuid%3D%5BUID%5D%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%...
  • https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=8b258337-91cd-4fed-9b56-e1aca4e7b785&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=8b258337-91cd-4fed-9b56-e1aca4e7b785&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:37 GMT
Transfer-Encoding
chunked
Location
https://sync.adtelligent.com/csync?t=a&ep=753378&extuid=8b258337-91cd-4fed-9b56-e1aca4e7b785&gdpr={gdpr}&gdpr_consent={gdpr_consent}&ccpa={us_privacy}&coppa={coppa}
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1541475896715551487
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1541475896715551487
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
an-x-request-uuid
87eff17a-7690-4618-a0f5-ae83be50f94b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=1541475896715551487
x-proxy-origin
82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D751004%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7396950277667648747
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7396950277667648747
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
an-x-request-uuid
3de85abe-851f-4beb-a468-591e2793c0dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7396950277667648747
x-proxy-origin
82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D%7Bgdpr%7...
  • https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr={gdpr}&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
date
Fri, 17 Nov 2023 22:52:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1700261557775
  • https://ad.turn.com/r/cs?pid=45&rndcb=594465607
  • https://sync.1rx.io/usersync/turn/8228793670383708130?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-e2b46730-6913-4ab6-87fe...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003
Protocol
HTTP/1.1
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
Adtelligent
Etag
33a85b19048a4266
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003
date
Fri, 17 Nov 2023 22:52:38 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe2b4673069134ab687fecbf500869f60003
content-type
text/html
sync
vid.vidoomy.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
script.js
cdnstat.net/get/ 		129 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnstat.net/get/script.js?referrer=https://www.unian.pm/politics/zima-budet-chernoj.php
Requested by
Host: www.unian.pm
URL: https://www.unian.pm/politics/js/ETZ6JaNHyN6X.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.unian.pm
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj076FX6ygJkPBqQO%2FSB8%2F8G9P%2Fda9WzekFwIHiU2pQ3CQANZq8ffMbFwPKAwj4K1D9XQC2yTPWAivHzVvyccASZJGWh8Yg0q1WBu0o6mMSgWXOmab7T0wrTNVIFBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
827b8b925cec418e-LHR
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 22:52:38 GMT
pbs.gif
sync.admanmedia.com/ Frame 3900 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Def1ed76362059c90%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 3900 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 15 Nov 2028 22:52:37 GMT
um
u-ams03.e-planning.net/ Frame 3900
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Def1ed76362059c90%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=ef1ed76362059c90&uid=7396950277667648747
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=ef1ed76362059c90&uid=7396950277667648747
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Fri, 17 Nov 2023 22:52:37 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
an-x-request-uuid
d2fe167e-c9cf-452e-bee4-58967ba81f52
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=ef1ed76362059c90&uid=7396950277667648747
x-proxy-origin
82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 3900
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Def1ed76362059c90%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=ef1ed76362059c90&uid=ua-af4d7199-589f-3ed2-bd7a-0f05ec3e2ac5
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=ef1ed76362059c90&uid=ua-af4d7199-589f-3ed2-bd7a-0f05ec3e2ac5
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Fri, 17 Nov 2023 22:52:38 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=ef1ed76362059c90&uid=ua-af4d7199-589f-3ed2-bd7a-0f05ec3e2ac5
pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
cache-control
no-store
content-length
0
expires
0
v1
match.sharethrough.com/universal/ Frame 3900 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.37.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
us
sync.go.sonobi.com/ Frame 3900 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Def1ed76362059c90%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-122
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 3900 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Def1ed76362059c90%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 3900
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ef1ed76362059c90
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ef1ed76362059c90
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ef1ed76362059c90
date
Fri, 17 Nov 2023 22:52:37 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 3900 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 478D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Def1ed76362059c90%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37659
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
Sat, 18 Nov 2023 09:20:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 919F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.202.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-202-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 22:52:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 22:52:37 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 245A
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
2 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3c76a0ec174cb017251a1ff41a908fe14faeef0c88e593aacc9c6b2fc00590

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
827b8b90a9156521-LHR
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3GPIFkKOPteaLeYkltvFa2qJTGnJGhlk2jNkPwPgjpzxQtoPtsbDRPGa%2FvmsAOm5IV0ydsLQmsh1Yoh097RM9oADcVkNPxUKGOxGY2f4JhDxOujqyCAyo4UZzJdoUzxg%2BbIRqk0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
827b8b9008386521-LHR
content-length
0
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOf0nUXmvD1juaLZphOGV5qpygQ5%2BbaXlpvTmzIUoHV%2BE%2FeffnVwv6it1qqr%2FVxQX74jrhM8Z7PbmbWoi8LTtHk87Tj%2FOauQmp15NCdxEndU4NDIk4JBl8d4OV75w%2F1yAanb1aVu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9A23 		1 KB
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
1251
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
etag
W/"61ddbb71-5f5"
expires
Sat, 09 Oct 2027 01:48:25 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
de7234e31f24e2b6eed083d227320f1e
x-cf-tsc
1665367758
x-cf1
29080:fC.lon1:co:1585621119:cacheN.lon1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame A777 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 530F 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364c0d38022b47c1e2e7facf4f4e938d0c0f67862317249fd1766699af9c6173
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
827b8b901b49654b-LHR
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 22:52:37 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
PugMaster
image6.pubmatic.com/AdServer/ Frame A843 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57996400&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
content-length
0
/
s.console.adtarget.com.tr/sync/ Frame 5A78 		0
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=none&refer=https://www.unian.pm/
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:262:3e06::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/sync.html?aid=755289
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Connection
Keep-Alive
Content-Length
0
Date
Fri, 17 Nov 2023 22:52:36 GMT
Server
Adtelligent
X-Robots-Tag
noindex
container.html
104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF60 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:52:37 GMT
expires
Sat, 16 Nov 2024 22:52:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getuid
ib.adnxs.com/ Frame 530F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 530F 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=7b493b5e-0b69-4b30-9a90-7d3887c9700d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7b493b5e-0b69-4b30-9a90-7d3887c9700d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b926e5c654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=7b493b5e-0b69-4b30-9a90-7d3887c9700d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 530F 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 530F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 530F 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Fri, 17 Nov 2023 22:52:37 GMT
via
1.1 varnish
x-served-by
cache-lon420091-LON
server
nginx
x-timer
S1700261558.959737,VS0,VE7
x-fastly-to-nlb-rtt
6655
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 530F 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f601:31be:eaee:1d8c:9fe8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
X-Fw-Request-Id
umeb608_1700261558979821358
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 530F 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 22:52:37 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 530F 		0
0
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=20564090378348313300107039783307670235&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=20564090378348313300107039783307670235&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b924e36654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-1-v054-02a370a0b.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
NV+38SPdQxQ=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=20564090378348313300107039783307670235&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 530F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 530F 		0
0
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7302567781984041111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7302567781984041111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b921dbf654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7302567781984041111&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Date
Fri, 17 Nov 2023 22:52:37 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 530F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32
95 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=xyai4Nel49qxjMPq/MWNve&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=xyai4Nel49qxjMPq/MWNve&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b931f7e654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:37 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 22:52:38 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=xyai4Nel49qxjMPq/MWNve&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 530F 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b92ff45654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
cache-control
no-cache
x-server
10.45.14.235
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-eGgd29ZE2orYk5MJBbqEPJI8fwuMrfLE3g--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-eGgd29ZE2orYk5MJBbqEPJI8fwuMrfLE3g--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b945a08654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-eGgd29ZE2orYk5MJBbqEPJI8fwuMrfLE3g--~A&zpartnerid=570&env=mWeb
date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1iIxRWcmH0MNy4%2Flistdtux%2BS41iYitP1U%3D
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1iIxRWcmH0MNy4%2Flistdtux%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b93b88a654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1iIxRWcmH0MNy4%2Flistdtux%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 530F 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 530F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.15.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Fri, 17 Nov 2023 22:52:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=54 t=1700261558
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 530F 		95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.114.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.248.114.235.167.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
date
Fri, 17 Nov 2023 22:52:25 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVfutgAAaKwpLgBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-add...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVfutgAAaKwpLgBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b956c19654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-etou8220074-FRA
pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700261558.480345,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZVfutgAAaKwpLgBd&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 530F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e2...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.72.15.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Fri, 17 Nov 2023 22:52:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=188 t=1700261558
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
date
Fri, 17 Nov 2023 22:52:38 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a020-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 530F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A8PT940PF9TNTDEE1NZM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1RMDDZD624DSR02DH3K6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 530F 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.200.166 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77c...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b955c12654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
date
Fri, 17 Nov 2023 22:52:38 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 530F 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 530F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D77cf2ec8-8d65-43fe-4db9-2cb237a73e32%26reqId%3D46673201-b08d-41e7-52cb-addc89e20ff1%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 530F 		95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b942978654b-LHR
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 530F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=y4hT-5jYBPrQhFCvxYpL-8SJVfXQ2Vf0yI0GU54V&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=77cf2ec8-8d65-43f...
95 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y4hT-5jYBPrQhFCvxYpL-8SJVfXQ2Vf0yI0GU54V&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b95bcbf654b-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=y4hT-5jYBPrQhFCvxYpL-8SJVfXQ2Vf0yI0GU54V&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 530F 		557 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405970c7d447b6c93503ab5a5dec078ae508991ffa8f38a0fb5b86d71ed36911
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
827b8b90abf6654b-LHR
access-control-allow-headers
*
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame BF60 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:24:48 GMT
7c8fef2b841c224dc9dd256dc808a409.js
www.gstatic.com/mysidia/ Frame BF60 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16607
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:24:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BF60 		2 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
48469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 09:24:49 GMT
b91a06220cfa130b0e547db55a85d66b.js
www.gstatic.com/mysidia/ Frame BF60 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9816
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:24:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame BF60 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
48469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 09:24:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BF60 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
30224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BF60 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
48469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 09:24:48 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BF60 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:52:38 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame BF60 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:24:49 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 3900 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-118.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 08:43:52 GMT
content-encoding
gzip
via
1.1 2e6275c73445d58429e5205e011d70ba.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
50926
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
MGTKueZ0Ye0yLbelDvwe0aQ_PlayEBllchrOOIgRsRYYZtzc0W3ezQ==
15581
rtb.gumgum.com/usync/ Frame 6194 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.115.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-115-153.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cfdb99a848e747194dba7a12e003a05b07117c1e38a247f41fe0c368fec2c9f3

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 17 Nov 2023 22:52:37 GMT
etag
W/"05e1ca5dcfad1a398b11ca232f7ef8acf"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame FA06 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 17 Nov 2023 22:52:37 GMT
csync
sync.adtelligent.com/ Frame F57A 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJMGDgAFUMeCk4H3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 22:52:36 GMT
Etag
2811e3769f3744f9
Server
Adtelligent
usersync.aspx
dis.criteo.com/dis/ Frame 245A
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVfutczLabQ3Ow7IQ.MiGQAA%263242&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVfutczLabQ3Ow7IQ.MiGQAA%263242&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f1594f41aa144ac1902eb10dca43ffea
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H2
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
332044
expires
Fri, 17 Nov 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Fri, 17 Nov 2023 22:52:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
casale
match.adsrvr.org/track/cmf/ Frame 245A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 245A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVfutczLabQ3Ow7IQ.MiGQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKR7ptteF1VYxpLU5LOSaKc&google_cver=1&google_hm=2
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKR7ptteF1VYxpLU5LOSaKc&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD7UnV3WcdRWl2TxIPhMpbVYzq%2FBZvltGy67jjXCsEninvdsbXNSyqj%2Bj8poqN%2Fdu0xbDwBcEN%2FpZSNKBCpXL65zkKq223V0MF8937oDjCd%2Fl1xDOJqvvEUzdqh3f5OkI2wbKLjTbgtl3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827b8b92586e419d-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKR7ptteF1VYxpLU5LOSaKc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 245A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CY9GMKDWF3C9MX073KYE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4DGBY2TXMZ7GJDEZQW4F
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 245A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6LzoYQrN1R47Hw5
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6LzoYQrN1R47Hw5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g37GVnQXb6jPQ22mOeA%2BuxiN9YnWER%2FSi%2BdWcRxkgpuGMxonAMGlcc1MPNdUsTbKAqO%2BCmNP3%2BlpJ2ZofBgE9xsu1AZssEIJp8Yy3ssKWPz5jCBj%2BbbnHpkzYoP60bD1puVlIkzU8Sn3rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827b8b9349a5419d-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6LzoYQrN1R47Hw5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 245A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVfutczLabQ3Ow7IQ-MiGQAADKoAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8101:fe84:3355:65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 245A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bridge
cm.adgrx.com/ Frame 245A 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-2
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
um
u-ams03.e-planning.net/ Frame 245A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=ef1ed76362059c90&uid=ZVfutczLabQ3Ow7IQ.MiGQAA%263242
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Def1ed76362059c90%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Fri, 17 Nov 2023 22:52:37 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 6194
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7396950277667648747
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7396950277667648747
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
an-x-request-uuid
3338a375-709b-49cc-8e5e-d9a7a1c4f370
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7396950277667648747
x-proxy-origin
82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6194
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2917ba4e-a9bd-4307-bb80-e591310cf10b&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_2917ba4e-a9bd-4307-bb80-e591310cf10b&gdpr=&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=f3f481fa-49d2-413f-b75d-754fa435e152&expires=1&user_group=2&ssp=gumgum2&bsw_param=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=47f90e3f-88ca-44ee-99d6-c940680c6679&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 17 Nov 2023 22:52:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm
us-u.openx.net/w/1.0/ Frame 6194 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6194
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f71074a5-c834-5aab-49ac-3ed2f9861b46$ip$82.199.130.43
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f71074a5-c834-5aab-49ac-3ed2f9861b46$ip$82.199.130.43
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f71074a5-c834-5aab-49ac-3ed2f9861b46$ip$82.199.130.43
Date
Fri, 17 Nov 2023 22:52:38 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 6194 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8101:fe84:3355:65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 6194
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=84a4fd5e-3950-49c7-a2d7-7479fd41a216
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=84a4fd5e-3950-49c7-a2d7-7479fd41a216
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=84a4fd5e-3950-49c7-a2d7-7479fd41a216
Date
Fri, 17 Nov 2023 22:52:38 GMT
Connection
keep-alive
X-CI-RTID
eddbd844-a0d8-4b5a-bbbc-4686da789fa4
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 6194 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 6194
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2917ba4e-a9bd-4307-bb80-e591310cf10b&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 6194
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=n3XKjQeSIJkp&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=n3XKjQeSIJkp&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 22:52:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-GB
location
https://usersync.gumgum.com/usersync?b=pln&i=n3XKjQeSIJkp&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-ltsqv
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 6194 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:37 GMT
content-length
0
um
sync.e-planning.net/ Frame 6194 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=ef1ed76362059c90&uid=e_2917ba4e-a9bd-4307-bb80-e591310cf10b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

server
openresty
date
Fri, 17 Nov 2023 22:52:38 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 919F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.202.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-202-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45792
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:50 GMT
usersync
rtb.gumgum.com/ Frame AE62
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5881321304175027784&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5881321304175027784&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.115.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-115-153.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 17 Nov 2023 22:52:38 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 17 Nov 2023 22:52:38 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5881321304175027784&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame CE54 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yOTE3YmE0ZS1hOWJkLTQzMDctYmI4MC1lNTkxMzEwY2YxMGI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:52:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3F2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37658
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 22:52:38 GMT
expires
Sat, 18 Nov 2023 09:20:16 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C4B4 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 17 Nov 2023 22:52:38 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame 07F1 		0
0
usersync
usersync.gumgum.com/ Frame 03CD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=_25m5vfA8QdfrE_etgM9bIvkJYP6tQ5xjrzBKuJs8kg&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=_25m5vfA8QdfrE_etgM9bIvkJYP6tQ5xjrzBKuJs8kg&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 22:52:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 17 Nov 2023 22:52:38 GMT Fri, 17 Nov 2023 22:52:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=_25m5vfA8QdfrE_etgM9bIvkJYP6tQ5xjrzBKuJs8kg&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D8F6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Def1ed76362059c90%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.202.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-202-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 22:52:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 22:52:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
300x600_BF.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/ Frame 50DB 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45b0485f1f89d8fcd1d46495ee223349250a105299e419bed5897e236817254e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
211596
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1387
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 12:06:02 GMT
expires
Thu, 14 Nov 2024 12:06:02 GMT
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame BF60 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d3db8676d437e281a9070faaddde54759f6b421b87afd81fb3b0f7307251921

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame 919F 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 50DB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
7339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 18 Nov 2023 20:50:19 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 50DB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:17:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
66923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 18 Nov 2023 04:17:15 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 50DB 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 22:52:38 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 50DB 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 22:52:38 GMT
300x600_BF.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/ Frame 50DB 		275 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
454c8c87700db0e20bd2b7d49cf3f7eae62d0962f00cd843cff27482cc1a4bd0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Nov 2023 12:06:04 GMT
age
211594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45001
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 12:06:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8782 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
28554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 14:56:44 GMT
expires
Sat, 16 Nov 2024 14:56:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F02A 		829 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
78e646d437c32417f071b795a04233216105a8d879b73862a2a4982aa800fba1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-enw95wEojsQcov2-PQ7obg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.unian.pm/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-enw95wEojsQcov2-PQ7obg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:52:38 GMT
expires
Fri, 17 Nov 2023 22:52:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame D8F6 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.202.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-202-12.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 22:52:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=45792
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F02A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=4397503710811414&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 8782 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
20580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
khaos.json
token.rubiconproject.com/ Frame D8F6 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
multitracking
ghb.adtelligent.com/adunit/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/L5lfN/hbw_master_298309_4142.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.unian.pm/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.unian.pm
Date
Fri, 17 Nov 2023 22:52:38 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
bgg.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/bgg.png
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee2c07f00b7a8366d6725252c66b566c06c2368154ab7ef2c6058e5c424cdf6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 17 Nov 2023 21:12:04 GMT
x-content-type-options
nosniff
age
6034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9942
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Nov 2024 21:12:04 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame BF60
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CPVYBte5XZaWKGqC_juwPv9aGmAv2r6yjdKCMwoq3EtrZHhABIP3_hSNglQKgAaq7kvECyAEJqQIdK7wseJpdPuACAKgDAcgDSKoE3wJP0HMGS-r2CyUnjrkFgTMIMDqL6H0kcpTp3gAX...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227713798152078278584%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227713798152078278584%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22774151594%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211030646994621079809%22}&andc=true
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:39 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7713798152078278584","debug_reporting":true,"destination":"https://samsung.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["774151594"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"11030646994621079809"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 22:52:39 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 22:52:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7713798152078278584","debug_reporting":true,"destination":"https://samsung.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["774151594"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"11030646994621079809"}&andc=true
access-control-allow-origin
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPVYBte5XZaWKGqC_juwPv9aGmAv2r6yjdKCMwoq3EtrZHhABIP3_hSNglQKgAaq7kvECyAEJqQIdK7wseJpdPuACAKgDAcgDSKoE3wJP0HMGS-r2CyUnjrkFgTMIMDqL6H0kcpTp3gAXBd7zu9ld4PS_z4EViu213jFo-7e0aRW6wdOSXKXTlToyqrBXVlfxrFa0k4WI2sCirlwZk2Qqd3Xu_N4qANTdFQa9xUwhPdU_sMkoaBUzXRUxzxEJbV11qMpILqcbHSqUoTsqDWs572HuU4HcdHNGXA0bjom-6uQSKwU6PqJze0uXbTr5SN6O-QPriAWjQJdOCTCVK9qCDU86RpJKzGyo-UulnW0VkHaUoarYrPycNmQOD9N1dbmAX4ahgH5oG2kw_6hiISi65c9tQjUgfs8H2W0kKXoLmDV_vgV2bUG9raJiLjBNYw7qn1VedpIYh1RRMRkaSoUqvXqgrgzKbeQ7Jnn2nTdU3bn5RBvftwxAI5GCwR9SlqGnEprjtC8YUXTQOtyU22JRsikXSNnVrn9y0z1upbo8qgeNnRwVneFwJj8ycmTABNze8LLHBOAEAYgFsqS-q02gBi6AB77E7Y4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ8qsG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJhQFodHRwczovL3d3dy5zYW1zdW5nLmNvbS91YS9vZmZlci9ibGFjay1mcmlkYXkvMjAyMy10ZWFzZXIvP2NpZD11YV9wZF9kaXNwbGF5X2dkbl90dl9ub25lXzEwOTkzX2F2X2JsYWNrLWZyaWRheV9ub3ZfYmFubmVyX2Rpc3BsYXlfZ2RugAoDyAsBogwQKg4KDOS0sQLutbECtbixAuINEwj6oZ7xj8yCAxWgn4MHHT-rAbPYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjAyODY0Mzk0NjQ2MTczNRjV2xY&sigh=sb1H4XIOx68&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNPmo56km7HRZ_D6xtL7l1E9abUDcbvy3Aaghwc-WCSvS9IQxi-vUDhxhJgUvXgD_BR1NEsTfRJJ3-osDlSqFoemQz4ppkK6BuA74YAQ&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 22:52:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
pagead2.googlesyndication.com/bg/ Frame D7E0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Requested by
Host: 104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
URL: https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
80189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15097
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 00:36:09 GMT
generate_204
tpc.googlesyndication.com/ Frame 8782 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IbG9BA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:52:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
pagead2.googlesyndication.com/bg/ Frame 50DB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
80189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15097
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 00:36:09 GMT
black.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/black.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ac847a88eae95dd98c55b2ff352cf2ca9504860befbcb890bcca15d097ab2fe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 17 Nov 2023 15:54:10 GMT
x-content-type-options
nosniff
age
25108
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7678
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Nov 2024 15:54:10 GMT
city.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/city.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9396e33f7a194b377d7c4a48ac8fb69bd209c62c29b9b6941c718f900f17725
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 15 Nov 2023 12:06:04 GMT
x-content-type-options
nosniff
age
211594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58961
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 12:06:04 GMT
date.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/date.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddac4ac453c73692b19f72bff0ff58cb9c2e1b0a4e6245ea8424b362ffb765d1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 15 Nov 2023 12:06:04 GMT
x-content-type-options
nosniff
age
211594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7346
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 12:06:04 GMT
friday.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/friday.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53adaf686eb4a7eb0a9cd6d1cc283dd31008e3f31ae71c6d6b810652a3bc04c6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 15 Nov 2023 12:06:05 GMT
x-content-type-options
nosniff
age
211593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8185
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 12:06:05 GMT
palm_01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/palm_01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eece66b64da2cc92d39b756e9e840b25e33a43ade7acac71424d5dc5f97ed8b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 15 Nov 2023 21:33:09 GMT
x-content-type-options
nosniff
age
177569
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1604
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 21:33:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227713798152078278584%22,%22debug_reporting%22:true,%22destination%22:%22https://samsung.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22774151594%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211030646994621079809%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 22:52:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
palm_02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/palm_02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5059c71fcd0bc472dad5a5c696089d3af77c614e5f9251ddc0c3d51005f4b538
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 15 Nov 2023 12:06:05 GMT
x-content-type-options
nosniff
age
211593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2781
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 12:06:05 GMT
palm_03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/palm_03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d326a1f89673a01d5d68d319466eef5f87b475ab198c7b0512ab4c595c13026
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 17 Nov 2023 22:48:25 GMT
x-content-type-options
nosniff
age
253
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2635
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Nov 2024 22:48:25 GMT
ufo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ Frame 50DB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/image/ufo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7712b5062574e8493a04fdeee151761bef0da17c103ad3931f1ae910dc647cc7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10765207230632047813/300x600_BF.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 17 Nov 2023 16:11:55 GMT
x-content-type-options
nosniff
age
24044
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4132
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 11:36:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Nov 2024 16:11:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=4397503710811414&bg=!aWqlaiXNAAZxrfrxUa07ADQBe5WfOJp_eBzjz98AWIRc6QwNPldrjz3uSeYlpnlDAHrBXMn6-tBYBy41MqtmgF3NoNJKAgAAAGFSAAAAA2gBBwoAsxgiCF6wK3i5mcKmvKwEQyxsHmyM5-5ih0_Y3MkHO55C6O_dUiK2kRIyEx1f0VpcTgg0a2zcrZ9LFfdcMzhcZEIsa7bY8Gd-0c13JNixsc9vlZfdBjag4yuyxzBfnW2QBiPOK6J7cpldlfD1mbzWr2cVGwLLGraXkb9npuUszKwogHsy97icIvGQGxFHXr7FDp-uuzYgUydMf4nyyuZlZFuPCCjRjTrwe3XfcWQjcdC_Lb0cmQK1EZeBkNmABVL2syOmPiltMHTjPFJxim0bOe05kKtSLnm4mDPVjW3VmbNEIvvWxVcejlt2KU04T78EXVBO8Kiytu5Cq_WNz0VEo9Rjuw3d3BPo_0XWPDrNb5dzQvz0KaaZ7qhCbFtdYXNx2rE8SMHkXX4_UH_m-3kTMsIX-ZPYWdy-84aTbqvh0rlt-8LyvN_Y_ppvFDcfGbCBrR-JX5z2FTYp31wZnO5jd-bJ7QVF9zylPqCTfhdHnwVbAH-bXP6tFMLhO5htd5VXZYnEFAy10D_hStWRhaTGmfKAwgD8rMKZGIueJTTxH2wLuXqLudquy_vZmdjl4fkfQZokTJmHxD9EHZHa4jmtrBERg7OgpDqpK8fiWHd8DwPYyVF0M14e82vWzOna6s8hP3xXzclywmafa1N6DwtaHNc7qYVkxb9YhLovCq5dJbWs98qdR9GyDhlGx9Ai-ndreYSDWxoipCHQiVk3JXlGFeMpq1aU4VLDxPfPa9Rj3okpfnXMpSTNfqJhgLvE5k-8jKnI-5KFItrptqpeprW0xg4yo2KtQkbPVpAIoVybEQJtQtKtWP6Bpz47RwTEJ5n3UDii_G0BmnbZ2D5p1fuqvja-b0t0r3oW-kbCz9QZNSdA4xCtzQZbqOeWEWlsWg7T_M74QTxfnj21dvQBevpUw90LKmFm4JXkHB-p6Z1gefG4ByGRXpf0REyiPGLL7Lx27AQpoMELc5RR-ulspWQlswWcNbghWRQC2uZBdkQQuxOHkEHrpn6Rm34LZPWXKWKqYIKGU5M0CN_awL7J35PDjascTx42QaX2kj4OODT2zaHfwQrx5t7jyAj308fU8KUZ6IiuS0-9lgGb4j5lM8KtctuwQn-X3ukgVgAW_ZYhdlPBPXWQU7A8EpE70v5GTvnuMLjDZ7ZuxgR0YojV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.unian.pm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame BF60 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWWhvdYCwr26-HZLmyELiOZQOXVGOpeIcgVnCo2KbBCdsf5WAIyXdZXI63TmvA9ZVzz625PPXrzGTFJbO5smRzIKn4cmAfSya2R6xF-14h5__jouuqNxouxIca-mNAxUwjTHpFvIdnWvLEIvWoFfbY8_WcICBEeNAC4zZeDUVaBqnYK_DEI8_0BA0atYiJClFiwu0MDOTI55PA4iYpSUcGgmtY9A6Qt_zs906aPRY9gubYZ2qIP0FQ5oEV4qgHjRCKHbRsA2qmpUVsittgDrmgRg70N5rktnU_7xmYIjewR8Zpyw1o3qRCmoa9UkqdaBd4P1VPucfsN2sYHXKrd4VPfu86eyJMA5bG8Z1-dDVwjPu7-HSCODCUxQrSaKjYUineTxbz7Am9n4RDb8SAc2L__6CfulWmuOeQTh28X_GYx1c9juNdA1sTTnBf31uOR0JV6zLQTEzgX_jE9qYlBEDZ3dYsCHfCyT-W-S8n6S_5Dm06Tq7HMuSPgoLB0ehHWPWTcbBMuHtwhX2HLvh8rdmTn6gPFD7tofFXDj-C1jm_jknC5FMtIfjiIiqVHAgbbfDDbr659xUeMCd4IHVMjZeh8yEVaWXAWRqs9uOEdNrt_T_2hl7fn36Z4FTqexYR6eUHIEqF_GNVisQ3AojxE0vB3T-ie-Tkgc6ljupp5cFUgDZbO5y_Tszq7sXPM6xYsTQsA9R-4UCWChpwlbPFFx_pSy2VTltMI4kvbvg4RelE68PnWPyvy4mklHoXolfkkTpqMCV1nKFiyNeq_Ou2h4m96Bp4kwmGLvhlR-sdG1MZDfDdSPbf9jtjhCBPlvows9FnmJijAfm-qoCwdQW6sRfzpBZsQbDnIzqaEGV5ZZOx1sItfsEhWQAhr8wDe8E19afEP3OhnwgR7Dm3Mq33OZ8LIXkauj1aSg70O5Hxt94hV9LTR6moLIV7MdhfEN6K4FRshfc6NsLiPEG_eqgQX1IewzoRY06WdHZ3NTy8mfBRpJLPQgeJDkZwbQFVnkVdqhJdq79S8sc3ImEXdbx6fGTeuofCd3MH99xC0s1-dbM_-1tB8FtQwPJYQFAXg63hYkt93EJJnuNDwkv-oQS4B8M7oDkW3qOifsAUTzYzHx24LBq804jAlDoIy5t1CJce8GDG3xwXGPYjHnGtLQ-eIqbfbAUGo6IfgiIKOYmBJSuz0L2OG9vEXo3xYwG9fgvh6f1kjypDfTJY78VOWU7S1zKxDxH0dy7oza-wEwMa1z7KkTaFu8zcqB3J4UYmXzDRdjFXGgTMFl8Zj0WIWYoypuPp5aV8qkxb5T1VHxuy40mST3aekwCHqBLyXGbhzp0S2IRLa5TGsZCxVVAVJ1EgYDtnCNUk2PlG7vj4BpoOFUvIpV-zGbqSqZrysLnzmkGnak5Fdl2GdyY2KJz2r5WWKKAxRJ_QcBJhQGyf29lG6CEx0bU1KeDFXwUKPHh19AYfOz7dXqcCqllSc5qptUNeWAWyp3YqOulAVu0m3w-j1hCN4DlRd2THwqaCRcJIDWUPqIZ0FHyD8pirmVIbbrVDWcPcnbfn-DFaEgWs4AQVxgQ0qdYXrHyuaH28&sai=AMfl-YSVJPDkxwaXXBdlKLrod8Njm98xKQxXa9YCTNvjqze5u99sWGFLS8DjT3wlNKH_F0Venn8NtbdEEtJ0Sqc8Z1d9sUjwEk_12i4MCBFztLVA8kEwKDPTpqC-r4nxHm742eqRZSA5AZe5MWSd6W5xfnGyopgWSD9FjsaCo_0&sig=Cg0ArKJSzPSQm71USekxEAE&cid=CAQSTwDICaaNPmo56km7HRZ_D6xtL7l1E9abUDcbvy3Aaghwc-WCSvS9IQxi-vUDhxhJgUvXgD_BR1NEsTfRJJ3-osDlSqFoemQz4ppkK6BuA74YAQ&id=lidar2&mcvt=1003&p=576,1138,1176,1438&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3007306932&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700261557759&rpt=445&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 22:52:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.unian.ua
URL
https://www.unian.ua/build/assets/fonts/Inter/Inter-Regular.woff
Domain
www.unian.ua
URL
https://www.unian.ua/build/assets/fonts/Inter/Inter-Medium.woff
Domain
www.unian.ua
URL
https://www.unian.ua/build/assets/fonts/Inter/Inter-SemiBold.woff
Domain
www.unian.ua
URL
https://www.unian.ua/build/assets/fonts/Inter/Inter-Bold.woff
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| loadVideoNts function| handleIntersection object| options object| observerMembr object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| webpackJsonp function| Swiper function| Waypoint function| BlockAdBlock object| blockAdBlock function| jQuery function| $ string| waypointContextKey function| loadNextPage object| advertizer function| onYouTubeIframeAPIReady object| gaGlobal string| uww_template object| uww_container function| htmlDecode object| _paq object| adTargeting object| googletag object| vmpbjs object| vpb object| __cfBeacon number| c2 number| c1 string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| vmpbjsChunk object| mnet string| nobidVersion object| nobid number| google_unique_id object| GoogleGcLKhOms

80 Cookies

Domain/Path Name / Value
www.unian.pm/politics Name: PHPREFS
Value: full
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARDCFg
.unian.pm/ Name: _ga_238PLP1PQZ
Value: GS1.1.1700261556.1.0.1700261556.60.0.0
.unian.pm/ Name: _ga_P6EEJX21DY
Value: GS1.1.1700261556.1.0.1700261556.60.0.0
.unian.pm/ Name: _ga_LQ29S76Q16
Value: GS1.1.1700261556.1.0.1700261556.60.0.0
.unian.pm/ Name: _ga
Value: GA1.2.1626409700.1700261557
.unian.pm/ Name: _gid
Value: GA1.2.1525737847.1700261557
.unian.pm/ Name: _gat_gtag_UA_32196466_2
Value: 1
www.unian.pm/ Name: _pk_id.7.1df6
Value: 8c94b92b1909a286.1700261557.
www.unian.pm/ Name: _pk_ses.7.1df6
Value: 1
www.unian.pm/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.unian.pm/ Name: _pubcid
Value: a61cde5c-9304-4ffd-8d39-f0eba3cec63d
ads.us.e-planning.net/ Name: CT
Value: 1
.adsinteractive.com/ Name: uids
Value: adsint-fHf3EWd8zoaYsDmStyvVZ2AHUc5O8xQat2tNXrwy
.e-planning.net/ Name: E
Value: AJMGDgAFUMeCk4H3
a4p.adpartner.pro/ Name: apuid
Value: 143b3229-bd71-4cec-9559-4e8e60bea29b
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 7396950277667648747
.unian.pm/ Name: __gads
Value: ID=f53b167ab9adf9a5:T=1700261557:RT=1700261557:S=ALNI_MYknIWyIPkfecgAUyM19Ssn3hGNdg
.unian.pm/ Name: __gpi
Value: UID=00000ccb772f1baa:T=1700261557:RT=1700261557:S=ALNI_MbCMSfdlpzFwEvOximioXb1yinVWA
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_318c3714-c788-4a69-8f8f-fda89bc33c6b
.zeotap.com/ Name: zc
Value: 77cf2ec8-8d65-43fe-4db9-2cb237a73e32
.zeotap.com/ Name: zsc
Value: 6v%AB%A2%1AR%C1%80W%FCJ%15%C4w%A2k%0E%1Do%A6%07%BB%2BQ%83%5D%09%AFoN%D7%0Cg%D7%97%1B%C9%2B%7DM%7BX%DA%1DZ%DA%8F%2C%C2%87%D9%3D%A1%23%F2%B0%96%B5%06%80Tu%9A%22%7C%F7.%11%0Em%80+2%D2%B8%AC%25o%AC%0E%DF%5D%86%85%10%AB%5B%F6G%18%CEZ%90%26n%AACf%07%A7%E6U%D4%9C%F19s%04%93%23%25%C7%7D%B8%27%A0%D2%8A%C8%C6%D8B%5E%9C%22%80%12%ED%DD%15F%C5%E1%CD%B45%C4%22%18U%5D%1F%B1%02%84%17%10%11%5C4%EBv%40ra%A45V7%22%0B%08%0C%89%FCF%B6%22%95%C1
.casalemedia.com/ Name: CMID
Value: ZVfutczLabQ3Ow7IQ.MiGQAA
.casalemedia.com/ Name: CMPS
Value: 3242
.casalemedia.com/ Name: CMPRO
Value: 3242
.mgid.com/ Name: lmg_usr
Value: 8b258337-91cd-4fed-9b56-e1aca4e7b785
.mgid.com/ Name: lmg_r
Value: 25
.adtelligent.com/ Name: a754412
Value: 0000EEA
.adtelligent.com/ Name: a307971
Value: AJMGDgAFUMeCk4H3
.adtelligent.com/ Name: vmuid
Value: 33a85b19048a4266
.adtelligent.com/ Name: a750634
Value: adsint-fHf3EWd8zoaYsDmStyvVZ2AHUc5O8xQat2tNXrwy
.adtelligent.com/ Name: a307558
Value: 143b3229-bd71-4cec-9559-4e8e60bea29b
.gumgum.com/ Name: vst
Value: e_2917ba4e-a9bd-4307-bb80-e591310cf10b
.demdex.net/ Name: demdex
Value: 20564090378348313300107039783307670235
.go.sonobi.com/ Name: HAPLB8G
Value: s86122|ZVfuu
.adfarm1.adition.com/ Name: UserID1
Value: 7302567781984041111
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-af4d7199-589f-3ed2-bd7a-0f05ec3e2ac5
.adtelligent.com/ Name: a584890
Value: 1541475896715551487
.adtelligent.com/ Name: a297253
Value: 6465034710266543481
.adtelligent.com/ Name: a751004
Value: 7396950277667648747
.dpm.demdex.net/ Name: dpm
Value: 20564090378348313300107039783307670235
.bidswitch.net/ Name: tuuid
Value: 47f90e3f-88ca-44ee-99d6-c940680c6679
.bidswitch.net/ Name: c
Value: 1700261558
.bidswitch.net/ Name: tuuid_lu
Value: 1700261558
.doubleclick.net/ Name: IDE
Value: AHWqTUmoKwufQAp-mWP_Ylo9zisJb_sMzA22OG15mO3Q1K8-hTU_9rQ_sZl9VIL3E30
.adtelligent.com/ Name: a753378
Value: 8b258337-91cd-4fed-9b56-e1aca4e7b785
.trafmag.com/ Name: vid
Value: 5274591439248179
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1700261557998
.tapad.com/ Name: TapAd_DID
Value: 7b493b5e-0b69-4b30-9a90-7d3887c9700d
.weborama.fr/ Name: AFFICHE_W
Value: 6VVwMCvs3kHp98
.w55c.net/ Name: wfivefivec
Value: 6LzoYQrN1R47Hw5
.creativecdn.com/ Name: u
Value: vCnQhCpTvWrpokp6qgtT
.creativecdn.com/ Name: g
Value: vCnQhCpTvWrpokp6qgtT_1700261558201
.creativecdn.com/ Name: ts
Value: 1700261558
.adform.net/ Name: C
Value: 1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c5b45f34918a01ee
.w55c.net/ Name: matchcasale
Value: 5
.yahoo.com/ Name: A3
Value: d=AQABBLbuV2UCEK5R7Mt0jxDpBJxwlcKI6isFEgEBAQFAWWVhZeAKyiMA_eMAAA&S=AQAAAtwtoM9TGSamhwj_kxEuqF0
.adform.net/ Name: uid
Value: 5881321304175027784
.agkn.com/ Name: ab
Value: 0001%3AzCl6mA9Kq5FwkHXoF9vEnkuCYs0eLkxb
.nrich.ai/ Name: _nauid
Value: f3f481fa-49d2-413f-b75d-754fa435e152
.krxd.net/ Name: _kuid_
Value: P7A8JLt2
.fwmrm.net/ Name: _uid
Value: umeb608_7302568065398829690
.turn.com/ Name: uid
Value: 8228793670383708130
.liadm.com/ Name: lidid
Value: f1594f41-aa14-4ac1-902e-b10dca43ffea
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2f3y
.richaudience.com/ Name: avcid-zeo-uid
Value: 77cf2ec8-8d65-43fe-4db9-2cb237a73e32
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e2b46730-6913-4ab6-87fe-cbf500869f60-003%22%2C%22nxtrdr%22%3Afalse%7D
.amazon-adsystem.com/ Name: ad-id
Value: A-B-V6NpI0j8i-TihXJiBjA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVfutgAAaKwpLgBd
.ipredictive.com/ Name: cu
Value: 84a4fd5e-3950-49c7-a2d7-7479fd41a216|1700261558479
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f71074a5-c834-5aab-49ac-3ed2f9861b46.bBuwTq0Rl9IFyzJgqyQbElm7lfUSxWwxGJq53O2ec40
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f71074a5-c834-5aab-49ac-3ed2f9861b46.bBuwTq0Rl9IFyzJgqyQbElm7lfUSxWwxGJq53O2ec40
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9xB0pcg0WqtJrD7S-YYbRlLHgis.eimjhUQSVHBthJC8iQF0YKYX29jj13mhrJL2qiaFm2A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9xB0pcg0WqtJrD7S-YYbRlLHgis.eimjhUQSVHBthJC8iQF0YKYX29jj13mhrJL2qiaFm2A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOLEj3yVko5B2aHGXptdGwhn8325yARRVQpkWkdhn4KhEHwYBCC23d-qBjABOgRyABfNQgSxbiO8.%2FmSNn9Ab5zoyONveWePW%2B586Q22UXEl3hN7JaqZxL8I
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOLEj3yVko5B2aHGXptdGwhn8325yARRVQpkWkdhn4KhEHwYBCC23d-qBjABOgRyABfNQgSxbiO8.%2FmSNn9Ab5zoyONveWePW%2B586Q22UXEl3hN7JaqZxL8I

18 Console Messages

Source Level URL
Text
javascript error URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Message:
Access to font at 'https://www.unian.ua/build/assets/fonts/Inter/Inter-Medium.woff' from origin 'https://www.unian.pm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.unian.ua/build/assets/fonts/Inter/Inter-Medium.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Message:
Access to font at 'https://www.unian.ua/build/assets/fonts/Inter/Inter-Regular.woff' from origin 'https://www.unian.pm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.unian.ua/build/assets/fonts/Inter/Inter-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Message:
Access to font at 'https://www.unian.ua/build/assets/fonts/Inter/Inter-SemiBold.woff' from origin 'https://www.unian.pm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.unian.ua/build/assets/fonts/Inter/Inter-SemiBold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.unian.pm/politics/zima-budet-chernoj.php
Message:
Access to font at 'https://www.unian.ua/build/assets/fonts/Inter/Inter-Bold.woff' from origin 'https://www.unian.pm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.unian.ua/build/assets/fonts/Inter/Inter-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
network error URL: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=none&refer=https://www.unian.pm/
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=ef1ed76362059c90
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Def1ed76362059c90%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=77cf2ec8-8d65-43fe-4db9-2cb237a73e32&reqId=46673201-b08d-41e7-52cb-addc89e20ff1&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

104e5a5aebf4fd9415bcdd2cb22156cb.safeframe.googlesyndication.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
c1.adform.net
cdnstat.net
cm-x.mgid.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cookies.nextmillmedia.com
counter.unian.net
creativecdn.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ggspace.space
ghb.adtelligent.com
hbx.media.net
i.e-planning.net
i.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
image6.pubmatic.com
images.unian.net
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mundowao.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
region1.analytics.google.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.adsinteractive.com
sync.adtelligent.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.unian.pm
www.unian.ua
x.bidswitch.net
bn01.er.bemail.it
sync.tidaltv.com
tg.socdm.com
www.unian.ua
104.122.39.115
104.22.61.153
142.250.185.98
145.40.97.67
151.101.2.49
157.245.23.44
167.235.114.248
172.64.151.101
178.250.1.9
18.184.223.197
18.198.69.109
18.239.18.118
184.30.16.195
185.15.245.80
185.184.8.90
185.64.190.78
185.86.138.151
188.114.96.3
193.200.65.5
193.3.178.2
193.3.178.4
195.137.240.24
2.18.160.23
2001:4860:4802:34::36
2001:4860:4802:38::178
205.234.175.175
206.71.148.217
208.93.169.131
216.52.2.39
23.227.146.18
2600:1f18:6593:f601:31be:eaee:1d8c:9fe8
2606:4700:10::6816:1857
2606:4700:3035::6815:43cb
2606:4700::6810:3865
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:400c:c0c::9b
2a01:4f8:262:3e06::2
2a02:6ea0:c700::10
2a04:4e42::300
2a05:d018:d29:3602:8101:fe84:3355:65
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0c:5c87:5241::2
3.125.12.15
3.127.126.167
3.248.115.153
3.33.220.150
3.71.149.231
34.111.113.62
34.111.131.239
34.160.236.64
34.194.65.1
34.224.175.55
34.247.233.198
35.186.253.211
35.244.159.8
37.157.2.229
37.157.3.20
37.252.172.123
45.133.44.3
46.228.164.11
46.228.174.117
50.31.142.159
51.38.120.206
51.68.39.188
51.83.220.94
52.46.151.131
52.58.37.65
54.146.239.191
54.165.170.24
54.171.198.71
54.171.200.20
54.175.48.210
54.204.154.145
54.72.15.103
54.73.167.29
63.251.232.170
67.202.105.23
67.220.228.201
69.166.1.66
69.173.144.138
69.173.144.139
76.223.111.18
8.18.47.7
8.2.110.161
8.2.110.17
85.114.159.93
95.101.200.166
95.101.202.12
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0ab52489626b4e4e2a33171ba637eed4e172cae347378a9a2c5ca389a65a70c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ca8f5b94346c3f37d7c138e9a138e95eb48d06033c8e94567873887e2914758
1022331ae86fd1238c175b3beb5d01d5a2338464a0d0625ad5fc08b32472309e
141d4d75975de3ebe0cdee4819a857803301193c7db5908432070768e53b6f98
18b35dff91304f75c6dd679ebd082bcb67f169f3364e381a7034948c7e530448
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a4d553d96248a43d4eb8bee0b2bc30bbd66b3d3f177dbdee2adc75e406367ef
1d192d8283724bae1808b9bbe85469aca292d935607ba89c733ed7885b4eebbb
1d326a1f89673a01d5d68d319466eef5f87b475ab198c7b0512ab4c595c13026
1d3db8676d437e281a9070faaddde54759f6b421b87afd81fb3b0f7307251921
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
23427265e480b907f734cb895dc310e5df6da056639b3b307cd5afb8ddfd8778
26a7a5db2bf54b772772ef0ae3d4923a732bbed34dd33671f215de0793b2f1d2
28b1f4b9f20caeb834a4131d0b100e53f258fe81b8ac5367798f22bbb7869bfa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a083402efeda73bd3f9cbd4d69d11c721d879ff6ff99e44b24d1d13064c741
364c0d38022b47c1e2e7facf4f4e938d0c0f67862317249fd1766699af9c6173
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cfcec1eac83e9280c7b5974678eb98449f412217e465c4a09a2de6b67ccc2f2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405970c7d447b6c93503ab5a5dec078ae508991ffa8f38a0fb5b86d71ed36911
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42a148f94c7433e8e01eda92379e94205023804368bdf0f305fb239631b7ac6e
446a17d391ce78c84be8e8dd9fcf0280f8e5c22d482bd78bf2435e7c76c62a3c
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71
454c8c87700db0e20bd2b7d49cf3f7eae62d0962f00cd843cff27482cc1a4bd0
45b0485f1f89d8fcd1d46495ee223349250a105299e419bed5897e236817254e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
5059c71fcd0bc472dad5a5c696089d3af77c614e5f9251ddc0c3d51005f4b538
5363e5efdd6b816fce8ea9e7d221960529575fa79fc5f94459f6156ef48c4354
53adaf686eb4a7eb0a9cd6d1cc283dd31008e3f31ae71c6d6b810652a3bc04c6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549c4110ac74fbc6998525980ca52455ce85f2e7ffa817de1f9f0e7cd346d07f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5e13647bbf338c833e09542cb30f7933acd0773da676db6148be95ba2ca9aa3b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a041825d55e90e4dd040673c9633e258968b33d56fcd524a536332c7ae533e
64cdf7dffce31831122aa6d04e86c6c90ab233a9210575a0266d4f7432bfc581
6574b372f3cbbddc9af0a2f40c8be7b91a50494b59c1c8d6a47ed2da9b03a318
6a6adeb96c9545bcfd7798c185bb3bc9ecab6926ec5de00cd5363eea1b2677fb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d85fa8f2daa47e3ce90efb3cd812baa2c5d1b01d7300cabdccc373747ae5876
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
728ef848efe5186f1ac228e701c3ebac4c26db1a247da640684596c01b386e90
760100b1b6b1f7c6f11fe8dfad6470ec848d07d1ae1504b748bbb64325eff31b
7712b5062574e8493a04fdeee151761bef0da17c103ad3931f1ae910dc647cc7
78e646d437c32417f071b795a04233216105a8d879b73862a2a4982aa800fba1
7927a2fb0fabb41eaafa5410a21e8cad5477c60d36b21e566f55d17459492ff9
79d18f21b7d7fc001a1dc81a1fe1c277959a0373238c3806aa8a0e8ef1b8b108
7d083520173ee5d08aa66c3b31699ba474ec475f6ab37fd6d326388e32e98686
7d6a9dc715c06e6dac706144dce80376ff5557087f4879ec15c68f7a775e4816
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8936c3f974d5a9641fb3579790de81487b342ebd4419d032e6cdc4f05ea310b1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ee2c07f00b7a8366d6725252c66b566c06c2368154ab7ef2c6058e5c424cdf6
8f32968d837bc4bf6d372774b38acfbfa0bd2d4950b23b5eeb71b07ab60219bf
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
98a2c82b50564219cec6802f7466aa41f912dd9e67209011ddeac90c2be1ff78
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac847a88eae95dd98c55b2ff352cf2ca9504860befbcb890bcca15d097ab2fe
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
9f539a4d1ca5c8396bad8d5eaac186b91c5d086c4b3e6262da974aa9579a2782
a2f800d3c114ade646cd964cc285934a07c7673db905f93bf733dd8e284cecb7
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a9d31045bb8a4879a41901666a092e6a6f8da33c188dbe504ee4aa6443df2c40
adbd0ff2fb438a86b8a4e951c46d36cb45930687b0dcbca9e95bab21f1114b61
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4381f57a97774e03d46851fef1828ecbdeb09354d41fc18ab5b901b419be2fa
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
cfdb99a848e747194dba7a12e003a05b07117c1e38a247f41fe0c368fec2c9f3
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dafd18ea318022295bb52118f790773eba3dca6b84d71fc02a0974ce972fcba2
dbea9cb83aaedddf07f9d67081705f875ab13970f54db7c67faa15256974a1b7
ddac4ac453c73692b19f72bff0ff58cb9c2e1b0a4e6245ea8424b362ffb765d1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3c76a0ec174cb017251a1ff41a908fe14faeef0c88e593aacc9c6b2fc00590
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7846b302e5d49fd0011306c39184a092324490bdd7cc9f82a903a70ed2c3133
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d
e9396e33f7a194b377d7c4a48ac8fb69bd209c62c29b9b6941c718f900f17725
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
eece66b64da2cc92d39b756e9e840b25e33a43ade7acac71424d5dc5f97ed8b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48